Foxit PDF: Manipulated PDFs can infiltrate malicious code
New versions of Foxit PDF Editor and PDF Reader for macOS and Windows have been released that are hardened against various attacks.
Attackers can use crafted PDF files to exploit vulnerabilities in Foxit PDF Editor and PDF Reader and to install and execute malicious code on victims' systems. Security updates are available for download.
Multiple vulnerabilities
A classification of the threat level of the vulnerabilities (CVE-2024-28888, CVE-2024-38393, CVE-2024-41605) on the NIST website is still pending. CERT-Bund, the emergency team of the Federal Office for Information Security (BSI), classifies the threat as "high".
As can be seen from the security section of the Foxit website, PDF Editor and PDF Reader on macOS and Windows are specifically at risk. It is currently not known whether attacks are already underway.
Effects of attacks
The developers state that opening PDF files prepared by attackers triggers a memory error (use after free), allowing malicious code to enter systems. According to them, attackers can also abuse the update process of the PDF applications to gain elevated privileges.
PDF Editor 2024.3, PDF Reader 2024.3 and PDF Editor 13.1.4 for macOS are secured against this. According to the developers, all previous versions are vulnerable.
A half-hearted certificate check in PDF Reader last made headlines at the end of May this year.
(des)