Joomla 2.5.8 and 3.0.2 Released (Security Updates)

Joomla 2.5.8 and 3.0.2 were just released today fixing a medium severity security bug related to a clickjacking/XSS vulnerability. You can find more details on their release notes:

If you are not familiar with ClickJacking, Wikipedia explains it well:

Clickjacking is a malicious technique of tricking a Web user into clicking on something different to what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. It is a browser security issue that is a vulnerability across a variety of browsers and platforms. A clickjack takes the form of embedded code or a script that can execute without the user’s knowledge, such as clicking on a button that appears to perform another function.

And remember, the leading cause for website compromises is outdated software! So as a website owner, you have to do your part to minimize risk and keep your site (and your users) safe. Update now!

Sucuri SiteCheck was also updated to alert users not running version 2.5.8/3.0.2 on their Joomla sites.

Scan your website for free:
About David Dede

Sucuri Security bot (crazy work) - Malware research updates, sucuri news and more.

  • http://www.hopy1.com/ hopy

    I are upgrading, hope new version will run better

  • http://www.y8u.org/ Y8

    Many people assume there is nothing to writing a piece of writing, however they’re not professionals.

  • http://www.y8friv.asia/ Friv 4

    This article was therefore smart. It undoubtedly shows that you just spent plenty of your time in analysis to provide such a fine article. Thank you.

  • http://y8-kizi.kizifriv1.com/ Friv 3

    I’ve browse plenty of on-line articles on this subject of late. Yours is that the only 1 that basically created sense to ME. Thanks a bunch.

  • http://www.y8u.org/ Yepi Friv

    I got so involved in your article that i couldn’t even produce myself
    quit reading. thanks for producing such nice quality work.

  • http://friv-2.yepi-yepi.com/ Friv 2

    Thanks for let me know it. It is very helpful

  • http://www.minecraftjugar.com/ Minecraft Jugar

    Right on! And remember, the leading cause for website compromises is outdated software! So as a website owner, you have to do your part to minimize risk and keep your site (and your users) safe.

  • http://www.parafriv.net/ Para Friv

    Right on! And remember, the leading cause for website compromises is outdated software
    Thanks for let me know it. It is very helpful