For Foxit's sake: Windows and Mac users alike urged to patch PhantomPDF over use-after-free vulns

For Foxit's sake: Windows and Mac users alike urged to patch PhantomPDF over use-after-free vulns

Windows and Mac users running Foxit's popular PhantomPDF reader should update their installations to the latest version after the US CISA cybersecurity agency warned of a handful of high-severity product vulnerabilities.


In its latest regular threat report, CISA counted four CVSS v2 7.5-level vulns affecting PhantomPDF.


The software suite is widely used for manipulating PDFs, particularly by people whom, for whatever reason, eschew Adobe's products and pricing model.


Foxit has published updates for its software in both Windows and Apple Mac formats. Those readers running versions prior to 10.1 for Windows and version 4.1 for Mac ought to download and install them from Foxit's website.


The four most recent vulns range from use-after-free snafus to out-of-bounds memory ..

Support the originator by clicking the read the rest link below.