Security Bulletins and Advisories

PDF Annotator Security Bulletins and Advisories

Security is our top priority. This page contains important information regarding security vulnerabilities that could affect specific versions of PDF Annotator.

In accordance with our Update Policy, we provide security updates for the current major version (PDF Annotator 9), and the previous major version (PDF Annotator 8).

Please ensure to keep your PDF Annotator installation up-to-date at any time using the built in Update Wizard.

Use Help, Version Check within the software to update to the latest version, or download and install the latest version manually from our Download Page.

Please note: PDF Annotator is NOT affected by the "Log4j" vulnerability discovered on 09-DEC-2021 (CVE-2021-44228).

PDF Annotator does not make any use of Java or the "Log4j" package.

Security updates available for PDF Annotator 8

PDF Annotator 8.0.0.818 (2020-12-03)

Description

Some 256-bit AES password protected documents could be displayed without entering a password in the iOS Mail app, and potentially other 3rd party apps.

Documents affected:

  • Documents saved with a Security Level set to "256-bit AES", and
  • Password required to open the document, but no password set to change the restrictions.

Documents not affected:

  • Documents without password security.
  • Documents with password security with Security Level "128-bit AES" (the default) or below.
  • Documents with a "password to change restrictions" set.
Solution
  1. Use Help, Version Check within the software to update to the latest version, or download and install the latest version manually from our Download Page.
  2. Re-open and re-save those files with the new PDF Annotator version.
Affected Versions

8.0.0.800 to 8.0.0.817

PDF Annotator 8.0.0.812 (2020-10-12)

Description

A component of the "Print to PDF Annotator" printer was linked with a version of libpng with known security issues.

Solution

Use Help, Version Check within the software to update to the latest version, or download and install the latest version manually from our Download Page.

Affected Versions

8.0.0.800 to 8.0.0.811

Security updates available for PDF Annotator 7

PDF Annotator 7.1.0.727 (2020-12-18)

Description

Some 256-bit AES password protected documents could be displayed without entering a password in the iOS Mail app, and potentially other 3rd party apps.

Documents affected:

  • Documents saved with a Security Level set to "256-bit AES", and
  • Password required to open the document, but no password set to change the restrictions.

Documents not affected:

  • Documents without password security.
  • Documents with password security with Security Level "128-bit AES" (the default) or below.
  • Documents with a "password to change restrictions" set.
Solution
  1. Use Help, Version Check within the software to update to the latest version, or download and install the latest version manually from our Download Page.
  2. Re-open and re-save those files with the new PDF Annotator version.
Affected Versions

7.0.0.700 to 7.1.0.726

PDF Annotator 7.1.0.727 (2020-12-18)

Description

A component of the "Print to PDF Annotator" printer was linked with a version of libpng with known security issues.

Solution

Use Help, Version Check within the software to update to the latest version, or download and install the latest version manually from our Download Page.

Affected Versions

7.0.0.700 to 7.1.0.726