The Joomla project has just released Joomla 3.4.6 to address a Critical Vulnerability.
You must act immediately and update or patch all your Joomla 3.x/2.5/1.5. sites to this latest release.
The vulnerability is also present in discontinued Joomla 2.5 and 1.5 series (Joomla 1.0 is ok). If you still have sites running off these old Joomla versions you must patch them appropriately.
So to quickly help you act please follow these instructions:
- For all your Joomla 3.x websites
you should upgrade now to Joomla 3.4.6 - For all your Joomla 2.5.28 websites you should
download and apply the Joomla 2.5.28 patch - For all your Joomla 1.5.26 websites you should
download and apply the Joomla 1.5.26 patch
This is really important! If you are reading this, you should stop what you are doing and start updating/patching all your websites now.
There is no need to delay. The Joomla 3.4.6 package only addresses the vulnerabilities and will not break anything you have installed upgrading from 3.4.5 to 3.4.6 (including of course Community Builder 2.0.12).
If your website is not patched and your hosting does not have proper security counter-measures (btw - our hosting has already blocked thousands of attackers), you are at risk - protect your websites now !