Security

News for security updates for web hosting industry

Magento Critical Security Update – SUPEE-6285 Patch

Magento is the eCommerce software and platform used by large number users. An update for Magento was just released to address a critical security vulnerability and it is recommended that you update as soon as possible. This update has addressed several security vulnerabilities. Following issues were addressed in the recent update: [1] ClosedCustomer Information Leak …

Magento Critical Security Update – SUPEE-6285 Patch Read More »

CloudLinux CageFS 5.4.1 Released – Security update

CloudLinux is a commercial operating system and it is being used by almost all web hosting providers. This is ideal for shared hosting server to provide more robust, secure and stable hosting services on shared server. CloudLinux also provides additional modules and software to provide additional security and features. One of the security feature is …

CloudLinux CageFS 5.4.1 Released – Security update Read More »

PowerDNS security vulnerability

PowerDNS had released an update to address  security vulnerability and it is recommended that you update as soon as possible. Following are the detailed information on this security vulnerability and the versions which were affected by this PowerDNS security vulnerability: CVE: CVE-2015-1868 Date: 23rd of April 2015 Affects: PowerDNS Recursor versions 3.5 and up; Authoritative …

PowerDNS security vulnerability Read More »

Critical XSS 0-Day Vulnerability Disclosed in WordPress 4.2

A critical, unpatched 0-day vulnerability affecting WordPress comment mechanisms. This vulnerability is now disclosed publicly. Who is affected? If your WordPress site allows users to post comments via the WordPress commenting system, you’re at risk. An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts …

Critical XSS 0-Day Vulnerability Disclosed in WordPress 4.2 Read More »

Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)

Last week, Microsoft had released an important security update. This security update resolves a vulnerability in Microsoft Windows. HTTP.sys Vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. This security update is rated Critical for all supported editions of Windows 7, Windows 8, Windows 8.1, …

Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) Read More »