Monday, March 09, 2009

Foxit PDF Viewer Shares Adobe Reader Flaw

Foxit Software Co. the creators of Foxit PDF Viewer, a great alternative to Adobe Reader, have released three critical bug patches today. One of which is related to the same JBIG2 image compression format vulnerability found to affect Adobe System Inc.'s popular Reader and Acrobat applications.

Following Adobe's announcement of the flaw late last month several experts began urging users to move away from Adobe Reader for Foxit or other free PDF-viewing applications. Foxit was seen as being a slight more secure option however security researchers have now found a few new flaws in the software.

Thomas Kristensen, chief technology officer at Secunia, told ComputerWorld that the new flaw "is a completely different vulnerability related to JBIG2." Kristensen failed to ellaborate any further only stating that they had begun testing Foxit for vulnerability following the flaws found in Adobe's software.

The other two patches cover two bugs found by Core Security Technologies, a developer of penetration testing software. One of the vulnerabilities can trigger a buffer overflow, while the other could be used by attackers to circumvent security warnings.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you