Foxit® Reader Safe from Latest “Zero-Day” (Cve-2011-2462) Vulnerability

Printer-friendly versionPDF version

Foxit® Corporation today announced that the Foxit Reader is not vulnerable to the latest zero-day (CVE-2011-2462) vulnerability.

 - (PressReleasePoint) -

FREMONT, Calif. - December  14, 2011 - Foxit^® Corporation, a leading provider of solutions for reading, editing, creating, organizing, and securing PDF documents, today announced that the Foxit Reader is not vulnerable to the latest zero-day (CVE-2011-2462) vulnerability. Users who are concerned about this much publicized issue should feel safe in downloading the Foxit Reader to meet their PDF reader requirements.

The CVE-2011-2462 malware has been reported by users to crash their PDF program and open up a new file which attempts to make registry changes and contacts an external URL. The malicious code also tries to take control of the affected computer. The issue has been reported by Lockheed Martin’s Computer Incident Response Team and MITRE.

Foxit has implemented numerous security features to protect PDF users from malicious PDF documents.

• Security Warning Dialog - warns users if a PDF document attempts to call or run an external command. The security warning dialog message provides a choice to run or terminate executing any files within a PDF file.
• Trust Manager (Safe Mode) - allows users to select a safe mode operation. Safe Mode, once selected, prevents suspicious external commands to be executed by Foxit Reader.
• Enhanced Security with ASLR & DEP Support - additional features to protect against hackers to compromise a PDF document include:

             - Address Space Layout Randomization (ASLR) uses a random algorithm to determine a memory address used to store key                  file data.
             - Data Execution Prevention (DEP) simply prevents executing code from a non-executable memory location.

• Disable JavaScript - an option for turning off JavaScript entirely.

Detailed security information on Foxit Reader can be found on the Foxit Reader Security web page.

For more information, contact Foxit at www.foxitsoftware.com or at 1-866-MYFOXIT.

About Foxit Corporation

Foxit Corporation, a Microsoft Gold Certified Partner, is at the forefront of cost-effective electronic document solutions. Customers of Foxit’s award-winning products include major technology and healthcare companies, global financial services firms, and government agencies. Founded in 2001, Foxit Corporation believes in innovative, standards-based technology and unrivalled customer support, with a deep commitment to sustainable, environmentally sound products and services.

                                                                                                                    ###

Foxit is a registered trademark of Foxit Corporation. Other trademarked names or terms used in this document are the properties of their respective owners.