vB.Org System
05-06-2016, 05:02 PM
Earlier this week, various exploits were found in ImageMagick that would allow the use of image metadata to exploit sites. It is recommended that you update your ImageMagick installation if you use it on your server. You should also update your ImageMagick policies to prevent these types of exploits in the future. If you are on shared hosting, you should contact your hosting provider to make sure they have updated their servers.
vBulletin Cloud does not use ImageMagick and is not affected by this issue.
Related Links:
Huge number of sites imperiled by critical image-processing vulnerability (http://arstechnica.com/security/2016/05/easily-exploited-bug-exposes-huge-number-of-sites-to-code-execution-attacks/)
ImageMagick Downloads (http://www.imagemagick.org/script/binary-releases.php)
ImageMagick Changelog (http://www.imagemagick.org/script/changelog.php)
Recommended Policy Updates (https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588)
vBulletin Cloud does not use ImageMagick and is not affected by this issue.
Related Links:
Huge number of sites imperiled by critical image-processing vulnerability (http://arstechnica.com/security/2016/05/easily-exploited-bug-exposes-huge-number-of-sites-to-code-execution-attacks/)
ImageMagick Downloads (http://www.imagemagick.org/script/binary-releases.php)
ImageMagick Changelog (http://www.imagemagick.org/script/changelog.php)
Recommended Policy Updates (https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588)