All Umbraco versions affected. Remove
/bin/umbraco.webservices.dll! A quick and short message to all Umbraco users, which just dropped in my Inbox:
During one of our regular security audits of the core, a severe security vulnerability was found in the integration web services of Umbraco and we recommend everyone to take immediate action to prevent any exploit.
More details will come in a few weeks when people have had a chance to update their installations, but for now we ask you to remove the following file from all your Umbraco installations:
The security vulnerability affects all versions of Umbraco.
This will not affect the daily use of your Umbraco installation. It *might* affect integration with your Umbraco installation, but less than 1% use the integration web services. For those who do use the integration web services we recommend that you get in touch with firstname.lastname@example.org.
We’re sorry for the inconvenience.
Niels Hartvig on behalf of the hard working core team.
Complete post and more information: