- The developer was notified immediately, and a patch fixing the flaws has already been released.
- Users are advised to be careful about which PDF files they open, as opening a malicious file would be enough to fall victim.
Researchers from the Cisco Talos security team have discovered four remote code execution (RCE) vulnerabilities in the Foxit PDF Reader. The product is a popular freemium alternative to Adobe Reader that lets users view, edit, sign, and print PDF files. It has quickly captured a large share of the market by being small and snappy, and it is currently used by millions on Windows, macOS, Android, and iOS. The discovered vulnerabilities therefore affect a large number of users and all versions below 126.96.36.199, so everyone is urged to update to 9.7.1 or later immediately.
So, what can users do to avoid falling victim to a damaging RCE attack? First, not using a third-party PDF reader extension in your browser would be a good idea; after all, most browsers today have a built-in viewer for that. Secondly, you should avoid opening PDF files that were downloaded to your system automatically or without you consciously choosing to do so. Thirdly, any PDF files attached to phishing emails should be left untouched. Finally, you should keep your Foxit PDF Reader up to date and apply patches as soon as they are made available.
Back in August, Foxit Software announced a security incident that resulted in the exposure of customers’ personal data. This affected both users who paid for a premium product (more features) and those who used the free version but still wanted to participate in the community. So, if you’re on the lookout for alternatives, you may return to Adobe’s offering, use Google Drive to open PDFs, or install the open-source “Evince” reader. Other widely used tools are “Sumatra PDF” (lightweight and fast), “PDF-XChange Editor” (feature-packed), and “Nitro PDF” (well-balanced).