Foxit Reader Updated – Fixes Security Hole

If you're looking for a safe PDF app then you might want to consider switching away from Adobe Reader, which still has numerous ways that your computer can be hacked,to Foxit Reader. Adobe's smaller and more nimble competitor was recently informed of a security hole and patched it in less than 2 weeks.

The exploit was identified in late August, and it involves tricking Foxit Reader into accessing the wrong DLL file. DDL files,  or dynamic linked library, are shared bits of code that any program can access. Usually there something you might never notice, but a lot of Apps install their own DLL files and Windows ships with quite a few DLL files that any apps can use to perform some function.

The security hole involves Foxit Reader looking for and finding not a safe and secure DLL provided by Windows, but instead finding a hacked DLL file which might contain malicious code. Once it's running it could potentially lead to the hacker gaining control of computer and possibly adding it to a botnet, searching it for personal info, or simply corrupting the contents of your hard disk.

To be fair, the hacker would of course have to get that hacked DLL file on to your Windows computer and slip you a PDF which called the DLL. Given the technical difficulty of combining the 2 acts I'm not sure this security hole is all that serious. But it is still good that it is closed.

You can find the patched app in the most recent update to Foxit Reader, which is available on the Foxit website.



About Nate Hoffelder (11481 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader: "I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

Leave a comment

Your email address will not be published.