Hackers could control machine through PDF file
Hackers could take control of a machine through a PDF file.
The exploit takes advantage of Ghostscript, which is used behind the scenes by PDF viewers, file managers generating thumbnails, image conversion tools, and web servers handling uploaded files.
The user does not need to even know about Ghostscript or be the one to start it. Simply opening, previewing, or thumbnailing a malicious PDF could trigger the exploit.
The federal government knew about it and published a report on 06/25/2023: https://nvd.nist.gov/vuln/detail/CVE-2023-36664
This exploit has been available for a couple years, at least.
My Linux Mint machine had this vulnerability today. But it affects any operating system using Ghostscript.
I updated Ghostscript to a version that supposedly is not vulnerable. This video simply shows how I updated Ghostscript in Linux Mint.
https://cdn.masto.host/mastjohn1126com/media_attachments/files/116/075/943/178/371/916/original/276d2faf76f66ba4.mp4
Before update:
9.55.0~dfsg1-0ubuntu5.3
After update:
9.55.0~dfsg1-0ubuntu5.13
Windows is also affected by the Ghostscript vulnerability
This video shows an example of the exploit. First, he shows how rendering an image could invoke the calculator. Second, when the infected file is loaded with Inkscape, his VBS script is executed, which could include malicious intentions.
https://cdn.masto.host/mastjohn1126com/media_attachments/files/116/076/060/879/608/536/original/6c133037426c1fc3.mp4
youtube/Kroll
gswin64c.exe is the Windows command-line version of Ghostscript.
The exploit takes advantage of Ghostscript, which is used behind the scenes by PDF viewers, file managers generating thumbnails, image conversion tools, and web servers handling uploaded files.
The user does not need to even know about Ghostscript or be the one to start it. Simply opening, previewing, or thumbnailing a malicious PDF could trigger the exploit.
The federal government knew about it and published a report on 06/25/2023: https://nvd.nist.gov/vuln/detail/CVE-2023-36664
This exploit has been available for a couple years, at least.
My Linux Mint machine had this vulnerability today. But it affects any operating system using Ghostscript.
I updated Ghostscript to a version that supposedly is not vulnerable. This video simply shows how I updated Ghostscript in Linux Mint.
https://cdn.masto.host/mastjohn1126com/media_attachments/files/116/075/943/178/371/916/original/276d2faf76f66ba4.mp4
Before update:
9.55.0~dfsg1-0ubuntu5.3
After update:
9.55.0~dfsg1-0ubuntu5.13
Windows is also affected by the Ghostscript vulnerability
This video shows an example of the exploit. First, he shows how rendering an image could invoke the calculator. Second, when the infected file is loaded with Inkscape, his VBS script is executed, which could include malicious intentions.
https://cdn.masto.host/mastjohn1126com/media_attachments/files/116/076/060/879/608/536/original/6c133037426c1fc3.mp4
youtube/Kroll
gswin64c.exe is the Windows command-line version of Ghostscript.
Feb 15, 2026, 11:23:41 AM | by Admin