Joomla Zero-Day Exploit Discovered

Joomla Zero-Day Exploit Discovered – Critical Action Required

The open-source project behind the widely used Joomla content management system has issued a patch for a vulnerability that is now being widely used by hackers.

Sucuri, a company that specializes in securing websites, wrote on Monday that attackers have been trying exploit the flaw for the last two days.

Attackers are “doing an object injection via the HTTP user agent that leads to a full remote command execution,” Sucuri said.

Because many websites use Joomla, it presents an attractive target. If a Joomla site is compromised, attackers may be able to plant malicious code on a page or redirect people to other malicious sites.

This Joomla zero-day exploit effects nearly all Joomla installations to date (1.5 – 3.4.5).  This vulnerability has been in place for years however mostly unknown.  The number of attacks are expected to grow exponentially now that this news has been made public.

Joomla has released a patch for all old unsupported versions as well as an update for the latest version.  It’s important to note that this patch is not effective if your site has already been compromised.  Further steps will be required to insure that your site is safe and secure.

We have notified all of our current customers that are currently running Joomla and have an appropriate action plan in place.  If you are concerned that you may be effected by this zero-day exploit, please contact us at 734-330-4768 or Contact Us here.