Foxit adds 'safe mode' to counter PDF attacks

Foxit Corp has added new security features to its alternative PDF reader software to help thwart recent malware attacks that exploit  the "/launch" feature.

With Foxit PDF Reader Version 3.3, the company has added a Safe Mode that blocks external commands from being executed by the software.

The Safe Mode is a key part of a new Trust Manager in the Foxit PDF Reader.

[ SEE: The real dangers of PDF executable trickery ]

Earlier this month, Foxit Reader adopted a warning message before running any executable command embedded in a PDF document.

The changes follow the discovery by researcher Didier Stevens that dangerous executables can be embedded into PDF files (and executed) without exploiting any vulnerabilities.

[ SEE: Hacker finds a way to exploit PDF files, without a vulnerability ]

The PDF hack, when combined with clever social engineering techniques,  allowed code execution attacks if a user simply opens a rigged PDF file.   Soon after, malicious hackers pounced on the trick and started launching malware attacks.

Adobe has offered a workaround for the issue and is considering a better fix in a future version of its ubiquitous Reader software.