Foxit Software has released security update for their Foxit Reader 5.4.4 which has fixed vulnerability in its web browser plugin that could allow an attacker to execute arbitrary code on users Computer. After security researchers found the vulnerability in dll file related to Foxit Reader plugin of Firefox browser for 5.4.4 and earlier versions, Foxit has addressed it by releasing Foxit Reader 5.4.5 update.
Users using this PDF software are urged to upgrade to latest version ASAP. They can manually check for updates from help menu in the program and install the updates or download the latest version from Foxit software website.
Hackers now trying to find loopholes in other PDF Readers like Foxit to exploit because Adobe has protected its PDF Reader to vulnerabities by implementing sandboxing or protected mode.
“The vulnerability is caused by a boundary error in the Foxit Reader plugin for web browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via an overly long file name in the URL.” summary in the security bulletin posted by Foxit software says.
Foxit Reader works on Windows XP/Vista/7, you can download it from here.
Are you using Foxit Reader? do you know about this vulnerability? share with us in comments.