ATTN: Joomla Users, Upgrade now! - Critical Joomla security release and hotfixes

You NEED to update your Joomla right now.

Remote command execution vulnerability was just found in Joomla.

The Joomla security team has released a new version of Joomla 3 to patch critical vulnerability that affects all versions from 1.5 to 3.4.

This is a very serious bug that is already wide known and can be easily exploited.

If you're using Joomla 3 - update it to version 3.4.6 immediately.

• see how to update your Joomla

If you're using Joomla 1.5 or 2.5 - you need to update one file in order to make it secure.

• Download patch for Joomla 1.5
• Download patch for Joomla 2.5

The file to be patched is located in:

/libraries/joomla/session/session.php

Step by step guide how to patch Joomla 1.5 and 2.5:

• You can upload the .zip file to the root of your Joomla installation and then extract it directly there. The full path is in the .zip package.
• Alternatively you can:

1. 1. extract the Joomla 1.5 or Joomla 2.5 patch on your disk (links are provided above in this post)
   2. login to your ftp server and navigate where Joomla is located
   3. browse to the /libraries/joomla/sessions/ folder
   4. replace your current session.php file with the new session.php file you extracted from the .zip.

 
We offer upgrade assistance if needed. Please submit a ticket. If there will be a fee, we'll let you know in advance.

Friday, December 18, 2015

« Back