ImageMagick exploits spotted

Malicious images exploiting server-hijacking holes in ImageMagick have been spotted and documented by web host biz CloudFlare.

As we reported last week, ImageMagick – a tool used by countless websites to process images submitted by users – has a pretty bad bug that allows images to execute commands on vulnerable systems. The programming blunder is pretty easy to take advantage of, sample exploit code was soon distributed after word of the flaw spread, and now miscreants have weaponized it. ®

Biting the hand that feeds IT © 1998–2021