07-11-2007, 08:11 PM
MyBB 1.2.9 Released - Important Security Update
MyBB 1.2.9 is a security update to the MyBB 1.2 series. It fixes a HIGH risk vulnerability just internally discovered in MyBB. We recommend everybody upgrades to this release as soon as possible or patches their boards with the manual patching instructions below.
We recommend all users upgrade their copy of MyBB to the latest available release. There is no proof of concept for this vulnerability available but there have been several attempts to use it against our official community forums.
This vulnerability allows a malicious user to perform arbitrary code execution within MyBB.
Immediately we're releasing a new version of MyBB which patches this exploit (MyBB 1.2.9). MyBB 1.1.8 is also affected.
MyBB 1.2.8 to MyBB 1.2.9 Patch
This patch is only for users running MyBB 1.2.8. If you are running any other version of the MyBB 1.2 series then please download MyBB 1.2.9 from the MyBB site and update to it.
Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.
----------------------------------------------------------------
I think hacking is often a scripted routine for the harassment agencies. They have to check up on sites anyway, so they'll throw something at it if possible. Anyway, it' patched now. Nothing was lost, so there's nothing much to worry about.
MyBB 1.2.9 is a security update to the MyBB 1.2 series. It fixes a HIGH risk vulnerability just internally discovered in MyBB. We recommend everybody upgrades to this release as soon as possible or patches their boards with the manual patching instructions below.
We recommend all users upgrade their copy of MyBB to the latest available release. There is no proof of concept for this vulnerability available but there have been several attempts to use it against our official community forums.
This vulnerability allows a malicious user to perform arbitrary code execution within MyBB.
Immediately we're releasing a new version of MyBB which patches this exploit (MyBB 1.2.9). MyBB 1.1.8 is also affected.
MyBB 1.2.8 to MyBB 1.2.9 Patch
This patch is only for users running MyBB 1.2.8. If you are running any other version of the MyBB 1.2 series then please download MyBB 1.2.9 from the MyBB site and update to it.
Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.
----------------------------------------------------------------
I think hacking is often a scripted routine for the harassment agencies. They have to check up on sites anyway, so they'll throw something at it if possible. Anyway, it' patched now. Nothing was lost, so there's nothing much to worry about.