Foxit PDF Reader and Editor Vulnerable on macOS and Windows
For security reasons, users of Foxit PDF applications should ensure that the software is up to date.
Attackers could attack macOS and Windows computers using Foxit PDF Editor or PDF Reader and execute malicious code after successful attacks. Security updates close the vulnerabilities.
Patch now!
As per the security section of Foxit’s website, the versions Foxit PDF Editor 12.0.1 and Foxit PDF Reader 12.0.1 for macOS and Windows must be secured against malicious code attacks. Attackers could also use DoS attacks to crash applications or access data without authorization.
What attacks could look like in detail is not clear from the brief descriptions. It often reads as if victims had to open specially crafted PDF documents in order for memory corruption to occur and attackers to be able to run their own code.
Concrete information about the gaps is also missing. The emergency team of the Federal Office for Information Security (BSI) CERT Bund classifies the vulnerabilities as “critical” a.
