alphaspirit - Fotolia
My company uses Foxit Reader to track who opens a PDF document and what they do, and to notify readers of new updates....
There were recently two critical, zero-day vulnerabilities found in Foxit Reader. What are the vulnerabilities, and what should be done to mitigate them?
The first of the two Foxit Reader vulnerabilities -- CVE-2017-10951 -- is a command injection bug that was discovered by security researcher Ariele Caltabiano, who was working with Trend Micro's Zero Day Initiative.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Find out why enterprises struggle with emergency patching
Discover more about the Apache open source Java tool for PDFs
Dig Deeper on Secure software development
Related Q&A from Judith Myerson
Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not ... Continue Reading
The Constrained Application Protocol underpins IoT networks. But the protocol could allow a threat actor to launch an attack. Continue Reading
Dutch researchers discovered flaws in ATA security and TCG Opal affecting self-encrypting drives. What steps can you take to guard data stored on ... Continue Reading