The Foxit Corporation has released Foxit Reader 3.3 for Windows. This release of Foxit Reader contains a component called Trust Manager. Foxit Reader release notes indicate that the Trust Manager enables users to allow or deny unauthorized actions and data transmission, including URL connection, attachments PDF action, and JavaScript. This addresses the vulnerability in the PDF specification /Launch function.
US-CERT encourages users and administrators to review the Foxit Reader 3.3 release notes and upgrade to Foxit Reader 3.3 to help mitigate the risks associated with the PDF specification /Launch function vulnerability. Additional information regarding the /Launch function vulnerability can be found in the Vulnerability Notes Database.