All Umbraco versions affected. Remove
/bin/umbraco.webservices.dll! A quick and short message to all Umbraco users, which just dropped in my Inbox:
During one of our regular security audits of the core, a severe security vulnerability was found in the integration web services of Umbraco and we recommend everyone to take immediate action to prevent any exploit.
More details will come in a few weeks when people have had a chance to update their installations, but for now we ask you to remove the following file from all your Umbraco installations:
The security vulnerability affects all versions of Umbraco.
This will not affect the daily use of your Umbraco installation. It *might* affect integration with your Umbraco installation, but less than 1% use the integration web services. For those who do use the integration web services we recommend that you get in touch with email@example.com.
We’re sorry for the inconvenience.
Niels Hartvig on behalf of the hard working core team.
Complete post and more information:
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.