Severe Joomla security vulnerability discovered — immediate update required
Recently, the Joomla project released version 3.4.5.
This update patches a critical security vulnerability that can easily allow full access to your website and disclosure of all the information in your database.
Our records show that one-third of Joomla 3 owners are still vulnerable to this critical security issue.
Failure to apply the patch to any Joomla 3 site dramatically increases the chance that your website will be hacked. So be sure to update to Joomla 3.4.5 right away.
On 16 October 2015, the Joomla project announced that three security vulnerabilities had been identified in Joomla 3.
Together, the vulnerabilities affect all versions of Joomla between v3.0 and v3.4.4 inclusively.
On 22 October 2015, the Joomla project released Joomla 3.4.5 which patches these issues.
Just 90 minutes after this release, third-party websites began publishing full details on how to exploit the vulnerability. This created a very dangerous situation for Joomla users.
As of this writing, our records indicate that one in every three sites remain dangerously insecure.
Thus, if you are running any version of Joomla 3, we strongly suggest that you backup your site and then immediately update to Joomla 3.4.5.
How to maximize Joomla security
For Watchful users, simply visit your Dashboard to backup and then update your sites to patch the Joomla security vulnerability.
If you are not Watchful user, you can use the built-in Joomla updater.
Or if you prefer, download the full Joomla 3.4.5 package (or the relevant update package) using the links provided in the official announcement on Joomla.org and apply them directly in the backend Joomla installer.