Sysadmins of the North
Don't forget to share this post!

Umbraco security vulnerability found – immediate action recommended

All Umbraco versions affected. Remove /bin/umbraco.webservices.dll! A quick and short message to all Umbraco users, which just dropped in my Inbox:

During one of our regular security audits of the core, a severe security vulnerability was found in the integration web services of Umbraco and we recommend everyone to take immediate action to prevent any exploit.

More details will come in a few weeks when people have had a chance to update their installations, but for now we ask you to remove the following file from all your Umbraco installations:

/bin/umbraco.webservices.dll

The security vulnerability affects all versions of Umbraco.

This will not affect the daily use of your Umbraco installation. It *might* affect integration with your Umbraco installation, but less than 1% use the integration web services. For those who do use the integration web services we recommend that you get in touch with sebastiaan@umbraco.com.

We’re sorry for the inconvenience.

Best
Niels Hartvig on behalf of the hard working core team.

Complete post and more information:
http://umbraco.com/follow-us/blog-archive/2013/4/29/security-vulnerability-found-immediate-action-recommended.aspx

About the Author Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.

follow me on:

Leave a Comment:

1 comment
Add Your Reply
Skip to content