Server Hosting Company/ December 21, 2015/ Web Hosting

joomla update

Yesterday afternoon, Joomla released Version 3.4.6 to address 4 security vulnerabilities. This patch includes security hardening of the user password reset system. It is highly recommended that users immediately upgrade to version 3.4.6.

The vulnerability affects Joomla versions 1.5 to 3.4.5. Attackers are performing an object injection via HTTP user agent for full remote command execution.

Here’s what to look for to determine if you have been comprised, thanks to security blog Sucuri, who first found the exploit.

If you are a Joomla user, check your logs right away. Look for requests from or or as they were the first IP addresses to start the exploitation. I also recommend searching your logs for “JDatabaseDriverMysqli” or “O:” in the User Agent as it has been used in the exploits. If you find them, consider your Joomla site compromised and move to the remediation / incident response phase.

If you are using the old and unsupported versions 1.5.x or 2.5.x, apply the hotfixes here.

If you are a HostDime managed client and have questions, don’t hesitate to contact us., Inc. is a global data center company offering an array of cloud products which include managed services for scalable cloud storage, dedicated servers, VPS (Virtual Private Servers), and colocation. owns and operates data centers in Orlando, Florida as well as Brazil, with network facilities in Hong Kong, India, the United Kingdom, and the Netherlands.

Jared Smith is HostDime’s Content Marketer.

The post Critical Security Vulnerability Found in Joomla. Update to 3.4.6 Now appeared first on HostDime Blog.

About Server Hosting Company

Onlive Server is a leading Server Hosting Company provide Cheap and best server hosting plans for more than 35 countries. Available all server hosting plans like Dedicated Server, VPS Hosting and Cloud VPS server hosting. Managed Dedicated Servers: Onlive Server is giving fully managed Dedicated Servers, Linux and windows VPS and Cloud Servers.