| No Patch Available Yet for New Major Vulnerability in Ghostscript Interpreter | | Tavis Ormandy, a Google Project Zero security researcher, has revealed details about a new major vulnerability discovered in Ghostscript, an interpreter for Adobe's PostScript and PDF page description languages. Ghostscript is by far the most widely used solution of its kind. The Ghostscript interpreter is embedded in hundreds of software suites and coding libraries that allow desktop software and web servers to handle PostScript and PDF-based documents. For example, you'll find Ghostscript inside ImageMagick, Evince, GIMP, and all PDF editing or viewing software. | Exploiting the bug Ormandy discovered requires that an attacker sends a malformed PostScript, PDF, EPS, or XPS file to a victim. Once the file reaches the Ghostscript interpreter, the malicious code contained within will execute an attacker's desired on that machine. | At the time of writing, there is no fix available. "I *strongly* suggest that [Linux] distributions start disabling PS, EPS, PDF and XPS coders in [ImageMagick's] policy.xml by default," Ormandy said. | | |
|