This popular PDF software needs to be updated ASAP


The US Cybersecurity & Infrastructure Security Agency (CISA) is recommending that all users of Foxit's PhantomPDF reader update their software immediately following the disclosure of four serious vulnerabilities.

In its latest vulnerability summary, the agency warned users of high, medium and low severity vulnerabilities in several popular software products, including PhantomPDF.

PhantomPDF by Foxit is a popular PDF editor that allows users to create and edit PDFs, export PDFs, convert paper documents into PDFs and collaborate with others. One of the biggest selling points of the company's PDF editor is that it can be purchased as a standalone product, as the company has eschewed the SaaS model popularized by Adobe and Microsoft.

PhantomPDF vulnerabilities

Foxit's PDF software contains four high severity vulnerabilities with a CVSS rating of 7.5. Two are use-after-free bugs, another is an out-of-bounds write and the last is a write access violation.

Use-after-free vulnerabilities occur when an application continues to use memory after it has been freed and reallocated by the system to another operation. Theoretically, an attacker could exploit one of these vulnerabilities to place malicious code in the right memory area, where it would then be read by the application and executed.
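The stale-reference problem described above, and one common defence (generation-checked handles), as an added example that is not from the article or from Foxit's code. It uses a constructed fixed-slot pool instead of the real heap so it runs without undefined behaviour; all names are hypothetical.

```c
#include <stdint.h>
#include <string.h>
#define SLOTS 4
/* Constructed toy pool: fixed slots stand in for heap chunks, so reuse
   after free is well-defined C and safe to run. All names are hypothetical. */
struct slot { uint32_t gen; int live; char data[16]; };
struct handle { uint32_t idx, gen; };
static struct slot pool[SLOTS];

/* Take the first free slot; the handle records the slot's generation. */
static struct handle pool_alloc(const char *s) {
    for (uint32_t i = 0; i < SLOTS; i++) {
        if (pool[i].live) continue;
        pool[i].live = 1;
        strncpy(pool[i].data, s, sizeof pool[i].data - 1);  /* last byte stays 0 */
        return (struct handle){ i, pool[i].gen };
    }
    return (struct handle){ SLOTS, 0 };  /* pool exhausted: invalid index */
}

/* Freeing bumps the generation, invalidating every outstanding handle. */
static void pool_free(struct handle h) {
    if (h.idx < SLOTS && pool[h.idx].live && pool[h.idx].gen == h.gen) {
        pool[h.idx].live = 0;
        pool[h.idx].gen++;
    }
}

/* Unchecked lookup: trusts the index alone, like a dangling raw pointer. */
static const char *get_unchecked(struct handle h) {
    return h.idx < SLOTS ? pool[h.idx].data : NULL;
}

/* Checked lookup: NULL when the slot was freed or handed to a new owner. */
static const char *get_checked(struct handle h) {
    if (h.idx >= SLOTS || !pool[h.idx].live || pool[h.idx].gen != h.gen)
        return NULL;
    return pool[h.idx].data;
}

/* Returns 1 when the stale handle aliases the new object only if unchecked. */
static int stale_handle_demo(void) {
    struct handle doc = pool_alloc("document");
    pool_free(doc);
    struct handle other = pool_alloc("other data");  /* reuses doc's slot */
    const char *u = get_unchecked(doc);
    return u && strcmp(u, "other data") == 0 && !get_checked(doc) && get_checked(other);
}
int main(void) { return stale_handle_demo() ? 0 : 1; }
```

The unchecked path silently reads whatever now occupies the slot, which is the condition a use-after-free bug creates; the checked path rejects the stale handle.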

Thankfully though, Foxit has addressed all four vulnerabilities in PhantomPDF with the release of version 10.1 of its software. Windows and Mac users running an older version of the software should visit Foxit's website to download and install the latest version to avoid falling victim to any potential attacks.

Cybercriminals often prey on users who have yet to update their software, which is why you should install the latest updates when they become available, regardless of whether an application already works as intended.

Via The Register

Anthony Spadafora
