ImageMagick is an image manipulation suite installed on millions of web servers. The flaws are being actively exploited by criminals. Security researcher: “There is a ton of attack surface” Metasploit modules for the vulnerabilities will be released on Wednesday. Until they’re released, administrators can mitigate the problem by editing policy.xml. The vulnerability is also present on servers where the library is compiled with Ruby (rmagick and paperclip) and NodeJS (ImageMagick) It’s expected that four CVEs will be issued around this flaw.”]