Category: NewsZend FrameWork Security Vulnerability – Hot Fix Released

Share this post...Tweet about this on TwitterShare on Google+0Share on Facebook0

Recently, A security vulnerability was discovered in Zend FrameWork which poses a security threat.

Abstract

Zend has released an advisory that there is a serious security vulnerability in their FrameWork product, which InterWorx utilizes. The framework is used to provide XMLRPC access to the InterWorx API. Information regarding the vulnerability can be found in the security advisory at http://framework.zend.com/security/advisory/ZF2012-01.

Response

In response, we have released an emergency hotfix to patch our integration of Zend FrameWork. It is highly recommended all our hosts update their version of InterWorx as soon as possible. This can be done by running:

yum update interworx

from command-line. By default, InterWorx also checks for updates once a day and thus most InterWorx servers should be updated within 24 hours. We are not aware of any instances of this issue being exploited on InterWorx servers, but we take the security of our product and our client’s data extremely seriously. Thus, we pushed the patch live as soon as we were made aware of this issue.

Questions or Concerns

Please feel free to contact InterWorx support if you have any questions regarding this update.

Jul 5, 2012, 10:29 pmBy: InterWorx (0) Comments

Leave a Reply
Surround code blocks with <pre>code</pre>

Your email address will not be published.

Forum Posts