Summary
Octagon Networks reports vulnerabilities in ImageMagick's default and "secure" policies that allow remote code execution and arbitrary file access across millions of Linux and WordPress servers. The flaws abuse ImageMagick's format detection logic and delegates that the shipped policies leave unblocked, bypassing the usual security hardening.
Take Action:
If you are using ImageMagick, first switch to the limited policy. Disable Ghostscript if your server does not strictly require PDF or PostScript processing, since it is the primary execution engine for these attacks. Always use a strict allow-list policy for ImageMagick coders rather than relying on the default settings provided by your operating system.
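The following policy.xml is an added example of the allow-list approach described above; it is not the advisory's or Octagon Networks' configuration, and the set of permitted coders (PNG, JPEG, GIF, WEBP) is an assumption about what a typical web application needs. It denies every delegate (which is what disables Ghostscript and the other external helpers), denies every coder, then re-enables only the listed raster formats, and explicitly blocks the PostScript/PDF and script-like coders as a second line of defence.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Example allow-list policy (assumed application needs only web raster formats). -->
<policymap>
  <!-- Block all external delegates (Ghostscript, ffmpeg, curl, ...). -->
  <policy domain="delegate" rights="none" pattern="*" />

  <!-- Deny-all first: ImageMagick applies rules in order, so the wildcard
       deny must come before the allow rule or the allow-list has no effect. -->
  <policy domain="coder" rights="none" pattern="*" />

  <!-- Allow-list: only the formats this application actually serves (assumption). -->
  <policy domain="coder" rights="read|write" pattern="{PNG,JPEG,GIF,WEBP}" />

  <!-- Belt and braces: keep the Ghostscript-backed and script-like coders
       denied even if someone later widens the allow rule above. -->
  <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}" />
  <policy domain="coder" rights="none" pattern="{MVG,MSL,TEXT,SHOW,WIN,PLT}" />
  <policy domain="coder" rights="none" pattern="{URL,HTTPS,HTTP,FTP}" />

  <!-- No indirect file reads via the "@file" syntax (e.g. in label/caption). -->
  <policy domain="path" rights="none" pattern="@*" />

  <!-- No dynamically loaded filters or extra modules. -->
  <policy domain="filter" rights="none" pattern="*" />
  <policy domain="module" rights="none" pattern="*" />

  <!-- Resource caps so a crafted image cannot exhaust the host. -->
  <policy domain="resource" name="memory" value="256MiB" />
  <policy domain="resource" name="map" value="512MiB" />
  <policy domain="resource" name="width" value="16KP" />
  <policy domain="resource" name="height" value="16KP" />
  <policy domain="resource" name="area" value="128MP" />
  <policy domain="resource" name="disk" value="1GiB" />
  <policy domain="resource" name="time" value="120" />
</policymap>
```

After installing the file, confirm that ImageMagick is actually reading it and that the rules are in the order you expect with `magick -list policy` (ImageMagick 7) or `convert -list policy` (ImageMagick 6); the output names the policy file that is active, which is the easiest way to catch a distribution-packaged policy.xml in a different directory silently overriding yours.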
Read the full article on BeyondMachines
This article was originally published on BeyondMachines