The Joomla! developers have released an updated version of their Joomla! script, Joomla! 3.4.6.
This release fixes a major security bug in Joomla!.
This security bug is also present in prior Joomla! releases, Joomla! 1.5 and Joomla! 2.5. But since Joomla! 1.5 and Joomla! 2.5 are end-of-life, no security patches are being released for those versions.
Users on our servers that have been using these outdated Joomla! versions have been sent several notices about this. Because of these notices and this recent security issue, this may be the final nail in the coffin for Joomla! 1.5 and Joomla! 2.5 scripts. We will likely have to start disabling Joomla! scripts that are end-of-life. We apologize for having to do this, but advice to upgrade your Joomla! scripts has gone ignored, and from a server security standpoint the dangers of allowing these exploitable scripts outweigh any benefit.
If you are not using Joomla! 3.4.6, please upgrade as soon as possible.
A nasty security exploit has been discovered affecting several thousand old and outdated versions of the popular Joomla! extension, VirtueMart.
More information is available at:
All users need to upgrade or remove the affected VirtueMart Joomla! extension.
Versions of VirtueMart that are safe appear to be versions 2.6.8c and 2.6.10c.
Unfortunately, we cannot provide any support for this. We are just a messenger letting you know that a serious security threat is there. If you are using a vulnerable version and you do nothing, your web hosting account will likely get hacked. We may have to suspend or disable web hosting accounts that are hacked or do not upgrade or resolve this issue.
If you require support for this, you may want to contact your web developer or web designer for more information. Additional support may be found directly at the VirtueMart Support Forums:
or at the Joomla! support forums:
Again, we are just advising you that a threat exists. If you do not know what to do about this, I encourage you to seek help at one of the above forums.
Steven – AMS Support
PLEASE READ IF YOU ARE SEEING A LOGIN PROMPT WHEN TRYING TO ACCESS YOUR WORDPRESS ADMIN AREA
Some of you may be aware that there has been a growing botnet across the Internet that has essentially been launching a DDoS attack on WordPress scripts throughout the Internet.
WordPress is an extremely popular blogging and CMS platform. Many people use it. It is widely installed throughout the Internet and on our web hosting servers. This makes it a very inviting target for hackers and other malicious users to take advantage of.
The attack is basically a system of thousands and thousands of IP addresses all trying to log in to various sites' backend WordPress admin panels. All of these requests undermine the performance of the server, because the server has to respond to each of those requests. This is why this essentially becomes a DDoS-like attack.
Up until now, we have been able to mitigate most of this with a series of IP blocks. But unfortunately this system is reaching its saturation and is no longer effective. The next step to mitigating this is to employ a specific web/captcha system. With this enabled, you will see a dialog box when you go to log into your WordPress admin panel, telling you to enter a specific set of characters as the username and to answer a simple arithmetic/addition problem as the password. This is becoming the standard way to mitigate this attack.
We don’t yet know if we will deploy this server-wide or if we will do it on an account-by-account basis. But it is becoming clear that we are going to have to deploy this system in some capacity.
If you see this dialog box pop up on your WordPress admin panel login screen, don’t be alarmed. It is a mitigation solution to stop this WordPress login attack.
We do apologize for having to deploy this, but if we do nothing this attack is just going to continue to undermine server performance for your site and all of the other sites on our web hosting servers.
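The following is an added example, not part of the original notice or any tooling used by the host: it counts WordPress login POSTs in an access log per source address and per minute, showing why per-IP blocks miss an attack spread across many addresses. The log lines are constructed sample data in Apache combined format, and both thresholds are assumptions chosen for illustration.

```python
import re
from collections import Counter

# Apache combined log format: ip, timestamp, method, path, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')

def build_sample():
    """Constructed sample log (documentation-range addresses, not real traffic)."""
    fmt = ('{ip} - - [12/Apr/2013:10:{mm:02d}:{ss:02d} +0000] '
           '"{req} HTTP/1.1" 200 3012 "-" "-"')
    lines = []
    # Distributed pattern: 30 addresses, one attempt each, all in minute 10:00.
    for i in range(30):
        lines.append(fmt.format(ip=f"203.0.113.{i + 1}", mm=0, ss=i,
                                req="POST /wp-login.php"))
    # One noisy address: 8 attempts in minute 10:01.
    for i in range(8):
        lines.append(fmt.format(ip="198.51.100.7", mm=1, ss=i,
                                req="POST /wp-login.php"))
    # Ordinary page view that must be ignored.
    lines.append(fmt.format(ip="192.0.2.20", mm=1, ss=30, req="GET /index.php"))
    return "\n".join(lines)

def login_posts(log_text):
    """Yield (ip, minute) for every POST to wp-login.php."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, method, path, _status = m.groups()
        if method == "POST" and path.split("?")[0].endswith("/wp-login.php"):
            yield ip, ts[:17]  # "dd/Mon/yyyy:HH:MM"

def summarize(log_text, per_ip_limit=5, per_minute_limit=10):
    """Compare what a per-IP threshold catches with the aggregate login rate."""
    per_ip, per_minute = Counter(), Counter()
    for ip, minute in login_posts(log_text):
        per_ip[ip] += 1
        per_minute[minute] += 1
    return {
        "distinct_ips": len(per_ip),
        "blockable_ips": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
        "hot_minutes": sorted(m for m, n in per_minute.items() if n > per_minute_limit),
    }

if __name__ == "__main__":
    print(summarize(build_sample()))
```

On the sample, only the single noisy address crosses the per-IP threshold, while the minute with 30 one-shot addresses is flagged only by the aggregate count. Such an attack is better handled by a challenge in front of the login page than by blocking individual addresses.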
We have seen a flurry of accounts being hacked due to outdated Joomla! Content Editor components (JCE). Because of this we have made the decision to go through all of our servers and remove/disable all outdated JCE components.
The reason for this is that accounts with outdated JCE components are being hacked into, compromised, and used to send out spam. This affects the integrity of our servers, and it is not fair to other users on the server who keep their scripts and components up to date to have to deal with a server that is blacklisted for sending out spam.
It seems that a large portion of our users are unable or unaware of the need to keep their scripts, components, plugins, extensions, and themes up to date. Disabling these outdated JCE components will hopefully bring to light why it is so important to keep things up to date.
The latest version of the Joomla! Content Editor (as of May 30, 2013) is 184.108.40.206. If you are not using 220.127.116.11 then your version is outdated and potentially dangerous. That is why it has been disabled/removed. The website for the Joomla! Content Editor is:
We wanted our users to be aware of this.
Last month (October 2012) we sent out notices to users who we found to be running outdated WordPress and Joomla! scripts. We will be doing that again this month, and I hope to make this a monthly notice.
If you received a notice in October about an outdated script and you receive another one this month, this simply means that – according to our records – you have not updated the outdated script. We feel that keeping your scripts up to date is important and should be done in order to keep your website safe. That is the purpose of these notices, to inform you that you are running outdated scripts.
Once you update a script, and then keep it updated, you will not receive these outdated notices.
I hope to send the outdated notices early next week to the accounts on our servers.