Warning – ImageMagick Tool is Vulnerable to Remote Code Execution
Recently it has been found that the widely used image editing ImageMagick tool is vulnerable to remote code execution. Well, a serious zero-day vulnerability is been detected in this this image editing software. ImageMagick is one most popular open-source library for processing image files. This significant software is loaded with lost of astonishing image editing features and allows the users to scale, resize, crop, tweak, watermarking their images. Moreover, this amazing software is supported by various programming languages, such as C++, Perl, PHP, Ruby Python, etc. It is being widely used by by number of websites, social media platforms, blogs, and dues also supports the well know content management systems like Drupa and WordPress.
Source :- https://imagetragick.com/
What is ImageMagick Tool Vulnerability
However, recently a bad news came for the ImageMagick Tool users when a security engineer Ryan Huber detected a critical zero-day vulnerability (CVE-2016–3714) in ImageMagick photo processing library which allows the cyber criminals to run malicious codes into Web server. Well, by using (CVE-2016–3714) flaw hackers and upload maliciously-crafted photo to a web service which is using ImageMagick. By using this critical flaw hackers can execute malicious code in website’s server, snoop on user’s accounts and can even steal crucial information, However this exploit been released already and is known as ImageTragick.
Reference :- https://github.com/ImageTragick/PoCs
This critical flaw in ImageMagic tool can cause serious issues for users. It does not only allows the hackers to executing malefic codes on your website server, but can also access your site data, steal important information and can also result in inaccessibility of precious for the users. Well, users can recover easily lost pictures but hack of their website will be a serious trouble for them. Well, the researcher has also mentioned that this critical hack is being widely used of several hackers which makes it more critical for the users.
Meanwhile, ImageMagick team has also accepted this vulnerability and has said that this recent flaw does include Remote Code Execution and ability to access data on the local system of compromised website. However, they have not released any security patches for this flaw yet. It would be sensible for the website administrators to include few lines of code to the configuration files to restrict any kind of suspicious activities preformed by hackers by using this zero-day vulnerability. Users should also check ‘magic bytes’ in images sent to the ImageMagick tool before processing. Well, ImageMagick tool vulnerability is supposed to be patched in its upcoming versions 7.0.1-1 as well as 6.9.3-10 which will be released soon.