Joomla rolls out patch for security flaw

Joomla has successfully implemented a patch that will rectify security problems associated with its content management system.

Websites using the service were at risk of being hijacked for use in malware payload and phishing attacks, which was determined following an investigation by the Versafe Security Operations Centre.

The experts also found that attackers were given the opportunity to take full control of the systems that had been compromised, potentially putting large amounts of data at risk.

Eyal Gruner, chief executive officer of Versafe, explained that the problem first became known after a sharp rise in the number of phishing and malware attacks hosted by genuine Joomla-based sites, which may have led to a security audit.

He continued: "The series of attacks exploiting this vulnerability were particularly aggressive and widespread – involved in over 50 per cent of the attacks targeting our clients and others in EMEA – and ultimately successful in infecting a great many unsuspecting visitors to genuine websites.

"Versafe is committed to helping Joomla protect its large community of platform users and end-users, through having shared key findings specific to this exploit."

The patch can be found on the Joomla Developer Network and is compatible with versions 2.5.x and 3.1.x of the platform.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s