We fondly remember Corporal Jones' shout of "Don't panic!"
Last week we were given notice that the Joomla! 3.6.4 SECURITY FIX would be published on:
Tuesday 25th October at approximately 15:00 GMT (14:00 UTC) and it was.
We didn't panic like Corporal Jones in Dad's Army but we did put all hands to the pump in double quick time:
- updating every PRO Joomla! CMS Support subscriber's website within minutes of the above release time, and
- forewarning and reminding again and again and again every one of our other customers!
And thankfully our customers have responded very positively indeed.
Just TWO have not yet acted and I am beseeching them yet again as I rush off this post!
Reason for urgency
If you don't update your Joomla! CMS then ...
"Any random hacker can create an Administrator (but NOT Super User) account on your site. Using that they modify the content of your site but, with the default security options of Joomla in place, cannot install malicious extensions." Source: Akeeba.
This respected developer of the Admin Tools Firewall extension also states on their website "that there is a very good chance that your site WILL be hacked within 8 to 48 hours from the time Joomla! 3.6.4 was released and the specifics of the security issue were made public."
The Joomla! 3.6.4 Security Fix became available 24 hours ago.
We provide full instructions in our Joomla! User Guide.
WYNCHCO Joomla! CMS Support
We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.