It often feels like there’s no end to software vulnerabilities and exploits. With every step towards technological advancements, another threat turns up. This is especially frustrating for enterprises, since it takes years to build your business’ reputation and just seconds for a cyberattack to ruin it. A simple glitch in your IT security can cause unimaginable damage. The latest Ghostscript vulnerability is just another threat that enterprises have to deal with.
What is Ghostscript?
Ghostscript is open-source, multiplatform software written in popular programming language C. It’s an interpreter for Adobe systems’ PostScript and Portable Document Format (PDF). It allows PostScript language files to be converted into several roster formats like PDF, XPS, PCL, and PXL. Many image and PDF editing tools use Ghostscript to convert files.
What is the vulnerability?
Ghostscript normally uses its -dSAFER option to prevent insecure PostScript operations. However, the current flaw in Ghostscript’s -dSAFER allows attackers to remotely run arbitrary code when GhostScript is running on a file or directory.
If the intruder succeeds, they could execute malicious code or send specially crafted malicious PDF, PS, EPS, or XPS files to the system. This vulnerability could impact a specific piece of software or the entire system. This flaw was identified and reported by Google’s security researcher Tavis Ormandy.
Who is the target?
Many applications use Ghostscript; some of the vendors reported to be affected by this vulnerability include Red Hat, Ubuntu, Artifex Software, and ImageMagick. Windows and macOS systems may also be affected since PDFs are widely used across businesses.
How to keep your systems safe
As with any vulnerability, patching is the best solution. However, since no patch has been released yet, enterprises need to find another way to protect their systems. One way to do that is to immediately uninstall Ghostscript.
Identifying which machines are running Ghostscript could be a nightmare if you don’t have the right tools. Our desktop management solution Desktop Central can make things a whole lot easier.
If you’re an existing Desktop Central user, you can automate the process of detecting and uninstalling Ghostscript by deploying our newly added custom script to your network. If you don’t have Desktop Central, you can download a free trial and manage an unlimited number of computers for a full month.
Refer these steps to detect and delete Ghostscript from your network
