Joomla Releases Critical Vulnerability Patch
The content management system Joomla is vulnerable to remote code execution. Users of versions 1.5 to 3.4.5 are advised to update. The vulnerability is already being exploited by attackers.
The vulnerability in the popular content management software was spotted by security company Sucuri. Sites using the software could be used by an attacker to redirect traffic to arbitrary sites or execute malicious code. The open source project behind Joomla has patched the vulnerability in version 3.4.6, which is available via an update.
The vulnerability, which Sucuri considers a zero-day, uses object injection via the HTTP User-Agent header. The browser uses this header to pass information about the user's software to the web server, which can then display appropriate content. By modifying the information sent in this header, an attacker can execute code on vulnerable Joomla sites.
According to Sucuri, attacks are already being carried out on a large scale. Given the large number of Joomla sites, attackers have an incentive to exploit the vulnerability as widely as possible.
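
A log check for the behaviour described above, as an added example that is not part of the original article or Sucuri's report: it flags access-log entries whose User-Agent contains a serialized PHP object, the form that object-injection input takes, and tests a version against the affected range the article gives. The combined log format, the sample lines and the class name `ExampleClass` are constructed assumptions.

```python
import re

# Apache/nginx "combined" format; quoted fields may contain escaped characters.
Q = r'"((?:[^"\\]|\\.)*)"'
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + Q + r' \d{3} \S+ ' + Q + ' ' + Q)

# PHP serialize() writes an object as O:<name length>:"<class>":<property count>:{
# (C: for classes implementing Serializable). Access logs escape the quote as
# \" (Apache) or \x22 (nginx). Real browsers never send this in a User-Agent.
QUOTE = r'(?:\\?"|\\x22)'
SERIALIZED_OBJECT_RE = re.compile(r'[OC]:\d+:' + QUOTE + r'[\w\\]+' + QUOTE + r':\d+:\{')


def suspicious_requests(lines):
    """Return (ip, time, request) for entries whose User-Agent holds a serialized object."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and SERIALIZED_OBJECT_RE.search(m.group(5)):
            hits.append((m.group(1), m.group(2), m.group(3)))
    return hits


def in_affected_range(version):
    """True for Joomla 1.5 through 3.4.5, the range the article lists as affected."""
    parts = tuple(int(p) for p in version.split(".")[:3])
    parts += (0,) * (3 - len(parts))
    return (1, 5, 0) <= parts <= (3, 4, 5)


# Constructed sample log lines (documentation IP ranges, placeholder class name).
SAMPLE_LOG = [
    r'192.0.2.10 - - [10/Oct/2020:13:55:36 +0000] "GET / HTTP/1.1" 200 5120 "-" '
    r'"Mozilla/5.0 (Windows NT 10.0; Win64; x64)"',
    r'198.51.100.7 - - [10/Oct/2020:13:56:01 +0000] "GET / HTTP/1.1" 200 5120 "-" '
    r'"O:12:\"ExampleClass\":1:{s:1:\"a\";s:1:\"b\";}"',
    r'203.0.113.5 - - [10/Oct/2020:13:56:09 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" '
    r'"O:12:\x22ExampleClass\x22:0:{}"',
    r'192.0.2.44 - - [10/Oct/2020:13:57:12 +0000] "GET /a HTTP/1.1" 404 210 "-" "curl/7.68.0"',
]

if __name__ == "__main__":
    for ip, when, request in suspicious_requests(SAMPLE_LOG):
        print(f"{when}  {ip}  {request}")
    print("3.4.5 affected:", in_affected_range("3.4.5"))
```

A match only shows that such a request was received; whether the site was vulnerable at that time depends on the Joomla version it was running.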