News for security updates for web hosting industry
LiteSpeed Web Server (LSWS) is a commercial web server and it is a high-performance Apache drop-in replacement. LiteSpeed has released an update for LiteSpeed 4 and LiteSpeed 5 to address OpenSSL vulnerability. They have released LiteSpeed 4.2.24 and LiteSpeed 5.0.2. It is recommended to upgrade it to latest version. For more information, you can refer …
Magento is the eCommerce software and platform used by large number users. An update for Magento was just released to address a critical security vulnerability and it is recommended that you update as soon as possible. This update has addressed several security vulnerabilities. Following issues were addressed in the recent update: [1] ClosedCustomer Information Leak …
Magento Critical Security Update – SUPEE-6285 Patch Read More »
CloudLinux is a commercial operating system and it is being used by almost all web hosting providers. This is ideal for shared hosting server to provide more robust, secure and stable hosting services on shared server. CloudLinux also provides additional modules and software to provide additional security and features. One of the security feature is …
CloudLinux CageFS 5.4.1 Released – Security update Read More »
Plesk is widely used hosting control panel for Windows and Linux server. Plesk has released an update for Plesk 12 (Windows version). This is an important security update released by Plesk. Plesk 12.0.18 Update 52 (Windows) was released to address security issue. If you are using Plesk (Windows), it is highly recommended you apply this …
Plesk 12.0.18 Update 52 (Windows) Security update Read More »
Product Description: Vision Helpdesk is the only web based Help Desk Software that allows to manage support for multiple companies at one place with single staff portal for all companies and each company having its own client portal. Recently following vulnerabilities were discovered in Vision Helpdesk: Various Modules Local File Inclusions There are various modules …
PowerDNS had released an update to address security vulnerability and it is recommended that you update as soon as possible. Following are the detailed information on this security vulnerability and the versions which were affected by this PowerDNS security vulnerability: CVE: CVE-2015-1868 Date: 23rd of April 2015 Affects: PowerDNS Recursor versions 3.5 and up; Authoritative …
A critical, unpatched 0-day vulnerability affecting WordPress comment mechanisms. This vulnerability is now disclosed publicly. Who is affected? If your WordPress site allows users to post comments via the WordPress commenting system, you’re at risk. An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts …
Critical XSS 0-Day Vulnerability Disclosed in WordPress 4.2 Read More »
WordPress team has released a critical security update for all previous versions and it is strongly encourage that you update your WordPress version to WordPress 4.1.2. WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. They have also fixed three other security …
Last week, Microsoft had released an important security update. This security update resolves a vulnerability in Microsoft Windows. HTTP.sys Vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. This security update is rated Critical for all supported editions of Windows 7, Windows 8, Windows 8.1, …
Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) Read More »
WP Super Cache WordPress plugin is one of the widely used plugins. This plugin is used to cache the posts and thus it improves the performance and reduce the loading time. Recently Sucuri vulnerability research team found a critical security vulnerability in WP Super Cache WordPress plugin. The vulnerability has been patched and if you …