Establishing Digital Trust: Don't Sacrifice Security for Convenience
"Version 5.4.5 of Reader addresses a boundary error in the program’s Web browser plugin, 'npFoxitReaderPlugin.dl,'" writes Threatpost's Christopher Brook. "If left unpatched the vulnerability could have caused a stack-based buffer overflow when parsing an overly long file name and allowed an attacker to run arbitrary code. Vulnerability firm Secunia classified the flaw as highly critical at the time, warning it affected all versions of Foxit."
"Foxit's Reader is popularly considered the secure alternative to Adobe Reader," writes PCMag.com's Fahmida Y. Rashid. "The site was unavailable earlier today, but appears to be back now. It's not clear at the moment what may have disrupted the service. 'Update as soon as you can,' said Graham Cluley, senior technology consultant at Sophos."
"Foxit says users can either run 'Check for Updates Now' in the standalone Reader application to update to version 5.4.5 or download the updated edition from its Web site," The H Security reports.