04-18-2017 , 07:36 PM
https://www.foxitsoftware.com/products/p...istory.php Foxit Reader Version History
Version 8.3
New Feature and Improvements in Foxit Reader 8.3
Enhanced comment management
Users can filter comments by author and status, and check the total number of comments in the Comment panel.
Add and share inline comments online
Add inline comments to PDF documents at a specified location to share and discuss with other users online.
ConnectedPDF enhancements
The ConnectedPDF Review and ConnectedPDF Protection workflows have been redesigned to provide a better user experience in document review and protection.
Some other user-friendly enhancements. : https://www.foxitsoftware.com/support/se...letins.php Security bulletins
A prompt response to software defects and security vulnerabilities has been, and will continue to be, a top priority for everyone here at Foxit Software. Even though threats are a fact of life, we are proud to support the most robust PDF solutions on the market. Here is information on some enhancements that make our software even more robust.
Please click here to report a potential security vulnerability.
Cybersecurity Advisory Notice
2017
Security updates available in Foxit Reader 8.3 and Foxit PhantomPDF 8.3
Release date: April 18, 2017
Platform: Windows
Summary
Foxit has released Foxit Reader 8.3 and Foxit PhantomPDF 8.3, which address potential security and stability issues.
Affected versions
Product
Affected versions
Platform
Foxit Reader
8.2.1.6871 and earlier
Windows
Foxit PhantomPDF
8.2.1.6871 and earlier
Windows
Solution
Update your applications to the latest versions by following one of the instructions below.
From the “Help” tab of Foxit Reader or Foxit PhantomPDF, click on “Check for Updates” and update to the latest version.
Click here to download the updated version of Foxit Reader from our website.
Click here to download the updated version of Foxit PhantomPDF from our website. If you already have a PhantomPDF 8 license, you can update to PhantomPDF 8.3 for free.
Vulnerability details
Brief
Acknowledgement
Addressed potential issues where the application could be exposed to Use-After-Free vulnerabilities, which could be exploited by attackers to execute remote code.
Steven Seeley (mr_me) of
Offensive Security working with
Trend Micro's Zero Day Initiative
Dmitri Kaslov
Addressed potential issues where the application could be exposed to a JPEG2000 Parsing Out-of-Bounds Write vulnerability, which could lead to remote code execution.
Toan Pham Van working with
Trend Micro's Zero Day Initiative
Addressed a potential issue where the application could be exposed to a null pointer vulnerability, which could lead to unexpected crash.
Dmitri Kaslov (PwC za-labs)
For more information, please contact the Foxit Security Response Team at security-ml@foxitsoftware.com. : https://www.virustotal.com/en/file/f1a4c.../analysis/ SHA256: f1a4c530740cfcb5afc4ee6f335b4b69137a21809c85128a19a609a8f09c0ca6
File name: FoxitReader83_enu_Setup_Prom.exe
Detection ratio: 0 / 61
Analysis date: 2017-04-18 12:11:21 UTC ( 5 hours, 38 minutes ago ) Copyright © 2004-2017 Foxit Software Inc. All Rights Reserved.
Product Foxit Reader Setup
File version 8.3.0.14878
Description Foxit Reader Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 4:32 PM 4/13/2017
Signers
[+] Foxit Software Incorporated
[+] Starfield Secure Certificate Authority - G2
[+] Starfield Root Certificate Authority - G2
[+] Starfield Class 2 Certification Authority
Counter signers
[+] Symantec Time Stamping Services Signer - G4
[+] Symantec Time Stamping Services CA - G2
[+] Thawte Timestamping CA
Packers identified
F-PROT INNO, appended, UTF-8, Unicode VirusTotal metadata
First submission 2017-04-18 07:48:30 UTC ( 10 hours, 1 minute ago )
Last submission 2017-04-18 12:11:21 UTC ( 5 hours, 38 minutes ago )
File names FoxitReader83_enu_Setup_Prom.exe
Version 8.3
New Feature and Improvements in Foxit Reader 8.3
Enhanced comment management
Users can filter comments by author and status, and check the total number of comments in the Comment panel.
Add and share inline comments online
Add inline comments to PDF documents at a specified location to share and discuss with other users online.
ConnectedPDF enhancements
The ConnectedPDF Review and ConnectedPDF Protection workflows have been redesigned to provide a better user experience in document review and protection.
Some other user-friendly enhancements. : https://www.foxitsoftware.com/support/se...letins.php Security bulletins
A prompt response to software defects and security vulnerabilities has been, and will continue to be, a top priority for everyone here at Foxit Software. Even though threats are a fact of life, we are proud to support the most robust PDF solutions on the market. Here is information on some enhancements that make our software even more robust.
Please click here to report a potential security vulnerability.
Cybersecurity Advisory Notice
2017
Security updates available in Foxit Reader 8.3 and Foxit PhantomPDF 8.3
Release date: April 18, 2017
Platform: Windows
Summary
Foxit has released Foxit Reader 8.3 and Foxit PhantomPDF 8.3, which address potential security and stability issues.
Affected versions
Product
Affected versions
Platform
Foxit Reader
8.2.1.6871 and earlier
Windows
Foxit PhantomPDF
8.2.1.6871 and earlier
Windows
Solution
Update your applications to the latest versions by following one of the instructions below.
From the “Help” tab of Foxit Reader or Foxit PhantomPDF, click on “Check for Updates” and update to the latest version.
Click here to download the updated version of Foxit Reader from our website.
Click here to download the updated version of Foxit PhantomPDF from our website. If you already have a PhantomPDF 8 license, you can update to PhantomPDF 8.3 for free.
Vulnerability details
Brief
Acknowledgement
Addressed potential issues where the application could be exposed to Use-After-Free vulnerabilities, which could be exploited by attackers to execute remote code.
Steven Seeley (mr_me) of
Offensive Security working with
Trend Micro's Zero Day Initiative
Dmitri Kaslov
Addressed potential issues where the application could be exposed to a JPEG2000 Parsing Out-of-Bounds Write vulnerability, which could lead to remote code execution.
Toan Pham Van working with
Trend Micro's Zero Day Initiative
Addressed a potential issue where the application could be exposed to a null pointer vulnerability, which could lead to unexpected crash.
Dmitri Kaslov (PwC za-labs)
For more information, please contact the Foxit Security Response Team at security-ml@foxitsoftware.com. : https://www.virustotal.com/en/file/f1a4c.../analysis/ SHA256: f1a4c530740cfcb5afc4ee6f335b4b69137a21809c85128a19a609a8f09c0ca6
File name: FoxitReader83_enu_Setup_Prom.exe
Detection ratio: 0 / 61
Analysis date: 2017-04-18 12:11:21 UTC ( 5 hours, 38 minutes ago ) Copyright © 2004-2017 Foxit Software Inc. All Rights Reserved.
Product Foxit Reader Setup
File version 8.3.0.14878
Description Foxit Reader Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 4:32 PM 4/13/2017
Signers
[+] Foxit Software Incorporated
[+] Starfield Secure Certificate Authority - G2
[+] Starfield Root Certificate Authority - G2
[+] Starfield Class 2 Certification Authority
Counter signers
[+] Symantec Time Stamping Services Signer - G4
[+] Symantec Time Stamping Services CA - G2
[+] Thawte Timestamping CA
Packers identified
F-PROT INNO, appended, UTF-8, Unicode VirusTotal metadata
First submission 2017-04-18 07:48:30 UTC ( 10 hours, 1 minute ago )
Last submission 2017-04-18 12:11:21 UTC ( 5 hours, 38 minutes ago )
File names FoxitReader83_enu_Setup_Prom.exe