Security updates for Foxit products
Foxit Software has announced the release of version 4.2 of its PDF Reader product, closing two security vulnerabilities. Foxit Reader 4.2 addresses a buffer overflow issue that occurred when processing PDF documents with titles longer than 512 bytes. An issue that could be exploited by an attacker to inject and execute malicious code on a victims system. Additionally, the update fixes a security flaw related to digital signatures.
The latest version of Foxit adds support for the Address Space Layout Randomisation (ASLR) and Data Execution Prevention (DEP) Windows 7 and Vista protection mechanisms. Foxit has also released an update for its Phantom PDF Suite, version 2.2, that resolves the above issues and addresses a bug that caused the wrong date and time to be displayed in certain time zones.
Further information can be found in a security advisory. Foxit Reader 4.2 is available to download from the company's site. Alternatively, existing users can select "Check for Updates Now" via the Reader help menu to upgrade to the latest release.
- New Features Enhance Document Security in Foxit Reader and Phantom PDF Suite
- Adobe patches 23 holes in Reader and Acrobat, a report from The H.
- Windows exploit protection mostly unused, a report from The H.