In association with heise online

28 February 2011, 12:36

Security update for Foxit Reader

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Foxit Reader Logo Foxit Software has announced the release of version of its PDF Reader product, a maintenance update that addresses a "highly critical" security vulnerability. According to Foxit, the patch corrects an issue that could, when opening a specially crafted document, cause an integer overflow error when processing specific ICC profiles, in turn leading to a heap-based buffer overflow. This could be used, for example, by an attacker to compromise a user's system by terminating the application or executing arbitrary code.

Versions up to and including Foxit Reader and Foxit Phantom are reportedly affected. Foxit says that it plans to release an update for its Phantom PDF Suite later this week – the latest version is 2.2.3. All users are advised to upgrade.

Further details about the Foxit Reader update can be found in the official release announcement and in the firm's security bulletin. Foxit Reader is available to download from the company's site. Alternatively, existing users can select "Check for Updates Now" via the Reader help menu to upgrade to the latest release.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit