If you use Joomla, there is yet another critical vulnerability and this one is racing through the wild. An immediate update is required for all versions of Joomla.
According to Sucuri, they began noticing the exploit on December 12th, and it has been running wild through Joomla sites. They noted yesterday that “the wave of attacks is even bigger, with basically every site and honeypot we have being attacked. That means that probably every other Joomla site out there is being targeted as well.”
For those using Joomla 3.x, there is a patch now available. The version that patches this exploit is version 3.4.6. However, with how widespread this attack is, it is likely many Joomla installs were exploited during the two days prior to the patch becoming available.
This is the second major vulnerability found in Joomla in the last few months. In October, there was a SQL injection vulnerability that was so significant, Joomla preannounced that a patch would be available to fix it.
Latest posts by Jennifer Slegg (see all)
- Google Quality Rater Guidelines Update: New Introduction, Rater Bias & Political Affiliations - December 6, 2019
- Google Updates Quality Rater Guidelines: Reputation for News Sites; Video Content Updates; Quality for Information Sites - September 13, 2019
- Google Makes Major Changes to NoFollow, Adds Sponsored & UGC Tags - September 10, 2019
- Google Updates Quality Rater Guidelines Targeting E-A-T, Page Quality & Interstitials - May 17, 2019
- Google Local Service Ads Display Pricing Estimates for Specific Locations - August 31, 2018