Web servers and sites under attack via ImageMagick zero-day flaw

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely used by web services (social media, blogging sites, etc.).

The flaw (CVE-2016–3714) is extremely easy to take advantage of – a booby-trapped image file that carries the exploit that will force the ImageMagick software to run malicious code on the server will do the trick. What’s more, it is already being exploited in attacks in the wild.

The vulnerability was discovered by security researcher Nikolay Ermishkin from the Mail.Ru Security Team. The ImageMagick development team was notified and pushed out a quick fix, but it was discovered to be incomplete.

Security researcher Ryan Huber stepped in to offer more details about the scope of the bug and to offer mitigation until the ImageMagick team comes up with a definitive patch (scheduled for the weekend).

Full Article. Web servers and sites under attack via ImageMagick zero-day flaw - Help Net Security
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top