Even alternatives to Adobe's popular PDF reader software are not immune from security flaws that allow a hacker attack, a tech site reported recently.
PC World reported Foxit Reader has a flaw in its browser plug-in component that attackers can exploit to potentially take over computers.
"Foxit's developers have identified the cause of the vulnerability and are working on creating a patch, a Foxit sales and service representative said Friday via email. The patch is expected to be released within one week, she said," it said.
It said Italian security researcher Andrea Micalizzi had discloseddetails of the vulnerability last weekend.
As of Monday night, PC World said there is still no official patch available from Foxit Software.
It said vulnerability intelligence and management company Secunia rated the flaw as "highly critical" because it can be "exploited remotely to gain system access."
Foxit Reader's plugin is usually installed in Mozilla's Firefox, Google's Chrome, Opera, and Apple's Safari.
"We have confirmed the vulnerability using Firefox, Opera, and Safari... At the moment the best mitigation is to disable this add-on in browsers and use other software e.g. Adobe Reader," it quoted Chaitanya Sharma, advisory team lead at Secunia, as saying.
But it also quoted a Foxit representative as recommending avoiding using the Foxit browser plug-in for Firefox, Chrome, Opera or Safari, and instead suggested using Internet Explorer to view online PDF files.
PC World noted Foxit Reader had been suggested in the security community as a more secure and less attacked alternative to Adobe Reader. — TJD, GMA News
No comments:
Post a Comment