New versions of Foxits PDF Reader and PDF Editor are available for Windows and macOS. The gaps closed were given threat ratings from “moderate” to “important”.
Read more after the ad
None are critical, and nothing is known about active exploits. The large number of vulnerabilities mentioned in Foxit’s security advisories as well as the wide range of possibilities for attackers to execute malicious code in the context of prepared PDFs under very specific conditions make a timely update advisable.
Program crashes, code execution and data access
According to descriptions, attackers could, among other things, abuse the security gaps to cause program crashes with malicious JavaScript code in PDF documents. As a result, they could access confidential information or execute code remotely (“Potential Arbitrary Code Execution”).
The local expansion of access rights (“Local Privilege Escalation”) is also possible under certain conditions. For all of these scenarios, however, user interaction with the software or with appropriately prepared PDF documents would first be necessary.
Secured versions & updates
The versions Foxit PDF Reader/Editor 2026.1.2 as well as PDF Editor 13.25 and 14.0.5 for Windows and macOS are protected against the threats. The specific security gaps that affected the respective versions and operating systems can be found in the security information.
The update itself can be done directly via the “Help” menu item in the software (“Search for updates” sub-item).
Read more after the ad
(ovw)
