My company uses Foxit Reader to track who opens a PDF document and what they do, and to notify readers of new updates....
There were recently two critical, zero-day vulnerabilities found in Foxit Reader. What are the vulnerabilities, and what should be done to mitigate them?
The first of the two Foxit Reader vulnerabilities -- CVE-2017-10951 -- is a command injection bug that was discovered by security researcher Ariele Caltabiano, who was working with Trend Micro's Zero Day Initiative.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Find out why enterprises struggle with emergency patching
Discover more about the Apache open source Java tool for PDFs
Dig Deeper on Secure software development
Related Q&A from Judith Myerson
The Signal Desktop application was found to be making decryption keys available in plaintext. Learn how the SQLite database and plaintext passwords ... Continue Reading
An exploit code for Dirty COW was accidentally shipped by Cisco with product software. Learn how this code ended up in a software release and what ... Continue Reading
Cisco's Webex Meetings platform had to be re-patched after researchers found the first one was failing. Discover what went wrong with the first patch... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.