In this new world of cyber crime where every week we are hearing about a website that has been hacked, we are watching daily to ensure that our clients are staying up to date on their website security releases. In the past week Joomla, the application we use to design our websites, has identified a number of areas where potential hackers might get into and attack a site. They have released software updates (patches) to Joomla to keep their websites safe. If you are using Joomla as a base for your website, you need to make sure you are on the latest release. If you don't know what release you are on or need help updating to the latest release, call us. We are happy to help. 719-749-1112. Guardian Solutions LLC is a leading provider of web services, (website design, web hosting, search engine optimization (SEO), marketing, graphics design, custom content, blogging, and managed IT services) for the Front Range of Colorado, including Colorado Springs, Fountain, Monument, Castle Rock, Pueblo, Manitou Springs, Peyton, Falcon, and Woodland Park. Technology Consulting, Security First.
Technical details.
On the heels of a vulnerability to existing versions, Joomla released two patched versions for 2.5 and 3.0. the current versions are 2.5.11 (skipped right over 2.5.10 which was released on the 24th) and 3.1.1. The SQL vulnerability is low and only really poses a threat when the hacker has user authentication credentials. If you only have one user (Admin) this should not be a problem at all, but when you have 'Registered' level users, they may escalate their privileges in which case your in trouble anyway.
Just some background on Joomla versions and support. There are Short Term Support releases (STS) which are supported for seven months, one month after the release of the next STS. There are Long Term Support releases (LTS) which are supported for 27 months. Each STS release is superseded by its predecessor every six months. The LTS releases are not updateable from one to another. The process of upgrading from one LTS version to the next is getting easier however, and is becoming more cost-effective.
VERSION HISTORY
Version |
Release date |
Supported until |
1 |
9/22/2005 |
7/22/2009 |
1.5 (LTS) |
1/22/2008 |
12/1/2012 |
1.6 |
1/10/2011 |
8/19/2011 |
1.7 |
7/19/2011 |
2/24/2012 |
2.5 (LTS) |
1/24/2012 |
2014-03 |
3 |
9/27/2012 |
2013-04 |
3.1 |
4/24/2013 |
2013-10 |
3.2 |
2013-09 |
|
3.5 (LTS) |
2014-03 |
|
4 |
2014-09 |
|
4.1 |
2015-03 |
|
4.2 |
2015-09 |
|
4.5 (LTS) |
2016-03 |