Foxit Patches Code Execution Vulnerabilities in PDF Software


The Chinese software company’s tools allow users to create and edit PDF files, as well as secure them when necessary. Foxit also offers products under a freemium licensing model.

Last week, the company released security updates for both Foxit PhantomPDF Mac and Foxit Reader Mac, to address a vulnerability that could result in code injection or information disclosure. The issue, the company revealed, exists because hardened runtime was not enabled during code signing.

Foxit PhantomPDF Mac version and earlier and Foxit Reader Mac version and earlier are vulnerable. Foxit PhantomPDF Mac and Foxit Reader Mac 4.1 address the flaws.