Support

Admin Tools

#24133 Very urgent - Joomla big big serious vulnerability

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 08 January 2016 16:22 CST

Thursday, 07 January 2016 11:53 CST

bicelli
Hello,

Admintools protect me from this Exploit?

https://blog.sucuri.net/2015/12/remote-command-execution-vulnerability-in-joomla.html

Let me know

Thursday, 07 January 2016 12:06 CST

dlb
As the article says several times, if you are on a version of Joomla! 3.4.6 or prior, you need to upgrade your Joomla! immediately.

Yes, version 3.6.8 of Admin Tools has protection against this vulnerability. But the version of Admin Tools at the time the vulnerability was discovered and became public did not include this protection. The protection was introduced in version 3.6.7, released Monday, December 21, 2015, the day the Joomla! vulnerability became public.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Friday, 08 January 2016 11:49 CST

bicelli
Hello,

And for versions Joomla 1.5 - 2.5 ? Please upgrade also Admintools 2.2.12 and 3.4.4 to include this Critical patch, i have legacy website and need this Fix.

Thanks

Friday, 08 January 2016 16:22 CST

nicholas
You can simply apply the semi-official patches posted at https://docs.joomla.org/Security_hotfixes_for_Joomla_EOL_versions

EXTREMELY IMPORTANT: Please consult joomla.org for Joomla! security issue notifications and security code fixes for Joomla! itself, NOT third parties (such as Sucuri or even us). Follow Joomla! on social media (Twitter, Facebook or Google+) to get prompt notifications for security releases.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!