Security News Ghostscript Interpreter vulnerability affects all PDF software (No patch yet)

[LASER_oneXM]

Content source

https://www.bleepingcomputer.com/news/security/no-patch-available-yet-for-new-major-vulnerability-in-ghostscript-interpreter/

Tavis Ormandy, a Google Project Zero security researcher, has revealed details about a new major vulnerability discovered in Ghostscript, an interpreter for Adobe's PostScript and PDF page description languages.

Ghostscript is by far the most widely used solution of its kind. The Ghostscript interpreter is embedded in hundreds of software suites and coding libraries that allow desktop software and web servers to handle PostScript and PDF-based documents.

For example, you'll find Ghostscript inside ImageMagick, Evince, GIMP, and all PDF editing or viewing software.

Exploiting bug leads to remote system takeover

Exploiting the bug Ormandy discovered requires that an attacker sends a malformed PostScript, PDF, EPS, or XPS file to a victim. Once the file reaches the Ghostscript interpreter, the malicious code contained within will execute an attacker's desired on that machine.
...
.....
....

 

[HarborFront]

There're already patches issued by the company on the 24th Aug

 

[DeepWeb]

I open my PDF files in Chrome. Is it affected too?

 

[Deleted member 178]

Chrome tabs are sandboxed, so theoretically , the malicious code should be contained.

 

[ForgottenSeer 69673]

What about Windows Defender Application Guard for Microsoft Edge?

Securing Microsoft's Edge browser with Windows Defender Application Guard

 

[509322]

Sumatra PDF does not use the Ghostscript interpreter; Ghostscript has to be installed by the user.

Confirm it with the Sumatra PDF developer.

 

[509322]

I open my PDF files in Chrome. Is it affected too?

Chrome renders PDFs using PDFium.

pdfium - Git at Google

 

[509322]

"and all PDF editing or viewing software."

Wrong.