Foxit Reader bug lets attackers run malicious code
Foxit Software has published security updates to fix a high-severity remote code execution (RCE) vulnerability affecting its PDF reader.
This security flaw could allow attackers to run malicious code on users' Windows computers and, potentially, take control of them.
The high-severity vulnerability (tracked as CVE-2021-21822) results from a use-after-free bug found by Aleksandar Nikolic of Cisco Talos.
The vulnerability impacts Foxit Reader 10.1.3.37598 and earlier versions, and it was addressed with the release of Foxit Reader 10.1.4.37651.
Foxit also fixed several other security bugs that exposed users' devices to denial of service, remote code execution, information disclosure, SQL injection and other vulnerabilities.
Source: bleepingcomputer.com
10 May 2021