alphaspirit - Fotolia
My company uses Foxit Reader to track who opens a PDF document and what they do, and to notify readers of new updates. There were recently two critical, zero-day vulnerabilities found in Foxit Reader. What are the vulnerabilities, and what should be done to mitigate them?
The first of the two Foxit Reader vulnerabilities -- CVE-2017-10951 -- is a command injection bug that was discovered by security researcher Ariele Caltabiano, who was working with Trend Micro's Zero Day Initiative.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Find out why enterprises struggle with emergency patching
Discover more about the Apache open source Java tool for PDFs
Dig Deeper on Secure software development
Related Q&A from Judith Myerson
Brrr ransomware, a Dharma variant, was found adding malicious extensions to encrypted files. Discover how this is possible and how this attack can be... Continue Reading
Despite being designed to improve security, infosec experts have warned against preloading the HSTS protocol. Learn about the risks of preloaded HSTS... Continue Reading
Check Point researchers found a fax machine attack allowing attackers to access scanned documents. Discover how this is possible and how users can ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.