Foxit Reader Continues to Keep Users Safe from Security Vulnerabilities

FREMONT, Calif. - May  24, 2012 - Foxit® Corporation, a leading provider of solutions for reading, editing, creating, organizing, and securing PDF documents, today announced that Foxit Reader is not susceptible to the latest security vulnerabilities that expose users to malicious computer attacks that have effected other PDF readers in the industry.

These security flaws cause other PDF readers to crash or potentially allow a hacker to take control of the infested computer. These security flaws are reported to the industry and are identified by their Common Vulnerabilities and Exposures (CVE) numbers. Recently reported CVE numbers include CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, and CVE-2012-0777. Follow this link for more information on PDF Readers affected by these vulnerabilities.

Foxit has implemented numerous proactive security features designed to protect PDF users from malicious PDF documents.

  • Security Warning Dialog - warns users if a PDF document attempts to call or run an external command. The security warning dialog message provides a choice to run or terminate execution of any files within a PDF file.
  • Trust Manager (Safe Mode) - allows users to select a safe mode operation.  Safe Mode, once selected, prevents suspicious external commands to be executed by Foxit Reader.
  • Enhanced Security with ASLR & DEP Support – additional features to protect against hackers to compromise a PDF document include:  

         - Address Space Layout Randomization (ASLR) uses a random algorithm to determine a memory address used to store key file data.  
         - Data Execution Prevention (DEP) simply prevents executing code from a non-executable memory location.

  • Disable JavaScript - an option for turning off JavaScript entirely.

If a vulnerability does threaten Foxit Reader users, Foxit’s Security Response Team (SRT) quickly verifies the issue, analyses the effect and root cause, communicates the issue to users, and then delivers a tested fix. Security patches are delivered quickly after identification to keep Foxit Reader users safe. Detailed security information on Foxit Reader can be found on the Foxit Reader Security web page.

"Keeping Foxit Reader users safe is a high priority at Foxit", said William Chen, AVP of R&D for Foxit Corporation. "We strive to be very proactive to ensure vulnerabilities don’t occur at all, but react quickly if a potential issue is discovered."

Security is one of the many reasons why individuals, enterprises, and OEMs look to the Foxit Reader and the Foxit Enterprise Reader for their PDF viewing needs. Foxit Reader provides a lightweight, high performance, and full functioned PDF Reader. Foxit Enterprise Reader is a version of the Foxit Reader designed to meet the PDF viewing, customization, and deployment needs of enterprise and government organizations.

For more information, contact Foxit at www.foxitsoftware.com or at 1-866-MYFOXIT.

About Foxit Corporation

Foxit Corporation is at the forefront of cost-effective electronic document solutions. Customers of Foxit’s award-winning products include major technology and healthcare companies, global financial services firms, and government agencies. Founded in 2001, Foxit Corporation believes in innovative, standards-based technology and unrivalled customer support, with a deep commitment to sustainable, environmentally sound products and services.

                                                                                                               ###

Foxit is a registered trademark of Foxit Corporation. Other trademarked names or terms used in this document are the properties of their respective owners.