Foxit Software released a security update for its Foxit Reader product that addresses over 100 vulnerabilities, some of them that could be exploited by a remote attacker to execute arbitrary code.
Foxit Reader is a multilingual freemium PDF tool that can create, view, edit, digitally sign, and print PDF files, it has hundreds of millions of installations.
Foxit has released Reader 9.3 and Foxit PhantomPDF 9.3 to address security and stability issues.
Foxit Reader 9.3 addressed a broad range of vulnerabilities, including out-of-bounds, use-after-free, information disclosure, type confusion, and memory corruption bugs.
The updates fix a total of 116 vulnerabilities, 18 of them are rated as “critical” and have been discovered by the researchers at Cisco Talos group.
The updates were issued a couple of days before Adobe released security patches for 86 flaws in Mac and Windows version of Adobe Acrobat and Adobe Reader, 46 of them rated as critical.
(Security Affairs – Reader, hacking)