[General] Joomla! Exploits
Tuesday, January 11th, 2011 - General
We are seeing a lot of webhosting accounts with Joomla! scripts installed being exploited. These exploits are either sending out spam or being used to host phishing sites on the affected webhosting account.
In order to get ahead of these exploits, we may have to start disabling websites that are using old, outdated, and insecure Joomla! scripts. We have to keep the integrity of our servers in good standing. If our servers are continually being flagged as hosting phishing or spamming sites, then this affects how our servers are viewed by security firms on the Internet.
This is why it is so important for you to keep your scripts up-to-date with the latest version.
We will be going through our servers and looking for outdated Joomla! scripts. Users should receive an e-mail notice about these outdated scripts on their webhosting accounts.
The latest version of Joomla! at this time is 1.5.22. For information on the latest version of Joomla! see:
http://www.joomla.org/download.html
Additionally at this website you will find a form where you can subscribe to be notified by the Joomla! developers when a new version is release:
We would encourage you to sign up and subscribe to this list.
We are also seeing that the exploit is through certain components installed in the Joomla! script. It is important to note that in addition to keeping your Joomla! core script up-to-date, you also must keep any components that you install up-to-date.
Scott