Several high-risk security flaws patched in Foxit’s PDF tools
The free Foxit PDF Reader has just been updated to version 2024.2.3 for Windows. There are also corresponding updates for the premium Foxit PDF Editor, which does more than just read PDFs and sits among our favorite PDF editing software apps.
In these updates, Foxit Software has closed several security vulnerabilities that are classified as high risk. As of right now, there are no known attacks that exploit these vulnerabilities.
According to Foxit’s security bulletins, all Reader and Editor versions up to and including 2024.2.2 for Windows are vulnerable. Also affected are Foxit PDF Editor 2024.2.2 (and older) for macOS and Foxit PDF Editor 13.12 (and older) for Windows.
In the Windows editions, Foxit has fixed five security vulnerabilities that were discovered and reported by external security researchers. These are mainly use-after-free vulnerabilities that could be exploited by malicious PDF files to inject and execute arbitrary code.
Version 2024.2.3 of both Reader and Editor fix these issues. Yet while the updates have been available since the beginning of last week, Foxit only released the update for its Windows PDF Reader on August 9th.
Foxit PDF Reader (formerly Foxit Reader) is considered a comparatively lightweight alternative to Adobe Acrobat Reader. As the feature set of Foxit PDF Reader has continued to grow, however, the relative leanness of the app has diminished. Today, the download exceeds 140MB.
For a true lightweight alternative that’s still completely free, consider using the open-source Sumatra PDF. (Its download is just under 8MB.) To quickly read a simple PDF file, the PDF viewing features of modern web browsers (e.g., Chrome, Edge, Firefox) are usually good enough, too.
Foxit PDF Editor (formerly Foxit PhantomPDF) is a commercial tool for creating and editing PDF files, so this one competes with full-blown Adobe Acrobat. Note that the installer for Foxit PDF Reader automatically installs a 14-day trial version of Foxit PDF Editor if you don’t explicitly deselect the option during the setup process!
Further reading: The best free PDF editors, ranked