We have just released new versions of our products:
- WoltLab Suite 5.2.6
- WoltLab Suite 3.1.14
Stability releases (also known as "minor releases") aim to solve existing problems in the current version. Like every stability release, they do not introduce new features; It is strongly recommended to apply these updates.
Recent Investigations on Compromised Communities
We have become aware that a few customer sites have been compromised in an attempt to steal user credentials. The attacker did modify a few files to capture plaintext passwords and installed a backdoor in order to regain access at a later point. This update will overwrite the files containing the malicious changes with the original versions.
Furthermore, any intercepted plaintext password was stored in the database column logToken in the table wcf1_user that was added by the attacker. This update will nullify those values by replacing them with the string compromised, account that did not have the password stolen will have an empty value.
If you have any questions or to seek advice if your site had been compromised, please Please login to see this link., we'll help you.
How Did the Attacker Gain Access?
Investigations strongly indicate that the attacker gained access to the systems by logging in with an administrator's account using credentials that have been stolen previously. We cannot stress this enough: DO NOT REUSE PASSWORDS ON OTHER SITES. YOU PUT YOURSELF AND YOUR COMMUNITY AT RISK!
Performing System Updates
Open your Administration Control Panel and navigate to Configuration > Packages > List Packages. Please click on the button Search for Updates located in the right corner above the package list.
The list below includes only significant changes, minor fixes or typos are generally left out.
(Will be added later.)