TCH-Blog Posted December 16, 2015 Share Posted December 16, 2015 The Joomla security team has fixed a highly critical zero-day bug, which allows an attacker to take full control of an affected site’s administration area. The vulnerability affects Joomla versions 1.5 to 3.4.5, it involves an object injection vulnerability via the HTTP user agent that leads to a full remote command execution. You can determine your Joomla version by logging into your administrator area, the version will be displayed either in the top right hand corner or at the bottom of your administrator panel. This is a serious vulnerability that can be easily exploited and is already in the wild. If you are using Joomla, it is essential that you upgrade to the latest version For EOL versions a patch has been provided which can be found at the link below, however we strongly recommend clients upgrade to the latest version as soon as possible. Joomla EOL patches for CVE-2015-8562 View the full article Discuss in Forums Link to comment Share on other sites More sharing options...
Recommended Posts