Source |
Network World |
Identifier |
294593 |
Publication date |
2017-01-18 12:06:27 (viewed: 2017-01-18 12:06:27) |
Title |
Failure to patch known ImageMagick flaw for months costs Facebook $40k |
Text |
It's not common for a security-conscious internet company to leave a well-known vulnerability unpatched for months, but it happens. Facebook paid a US$40,000 reward to a researcher after he warned the company that its servers were vulnerable to an exploit called ImageTragick. ImageTragick is the name given by the security community to a critical vulnerability that was found in the ImageMagick image processing tool back in May. ImageMagick is a command-line tool that can resize, convert and optimize images in many formats. Web server libraries like PHP's imagick, Ruby's rmagick and paperclip, and Node.js's imagemagick, used by millions of websites, are based on it. |
Sent |
Yes |