chris
Top Contributor
A serious security vulnerability in the ImageMagick graphics library has been announced. This is commonly found on web servers, so has the potential to impact a lot of sites.
The name the vulnerability has been given is ImageTragick, there's already a website promising more info soon:
https://imagetragick.com/
The mainstream tech news sites are covering it quite heavily:
https://nakedsecurity.sophos.com/20...-at-risk-from-this-imagemagick-security-hole/
https://news.ycombinator.com/item?id=11623694
http://arstechnica.com/security/201...ge-number-of-sites-to-code-execution-attacks/
The name the vulnerability has been given is ImageTragick, there's already a website promising more info soon:
https://imagetragick.com/
The mainstream tech news sites are covering it quite heavily:
https://nakedsecurity.sophos.com/20...-at-risk-from-this-imagemagick-security-hole/
..a vulnerability in ImageMagick reported today (CVE-2016–3714) allows booby-trapped image uploads to trick the ImageMagick software into running commands instead, leading to what’s known as a remote code execution (RCE) bug.
https://news.ycombinator.com/item?id=11623694
http://arstechnica.com/security/201...ge-number-of-sites-to-code-execution-attacks/