A bug in a security update to PHP 5.3.9 has created a critical vulnerability, potentially allowing hackers to inject and execute code remotely.
The security update was originally created to prevent Denial of Service attacks, but the method used by the developers potentially allows a hacker to inject malicious code through a buffer overflow.
While PHP have not issued an official advisory about the problem, they are aware of the problem and are currently developing a security update.
PHP is the scripting language that many popular content management systems, including WordPress, Joomla and Drupal, are written in.
ABOUT THE AUTHOR
Andrew Sadauskas is a former journalist at SmartCompany and a former editor of TechCompany.
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.