Version 1.5.9.6 released
-
Thursday, 11th February, 2016
-
19:01pm
Version 1.5.9.6 - [NEW] JCE Upload Vulnerability Protection
- [FIX] "fatal handler" error message logged.
- [FIX] Signatures & upgrades couldn'd be downloaded in some servers using CentOS 7
Mod Security 2.7 will be required for full protection.
This update includes protection for the JCE Upload Vulnerabiity
JCE Vulnerability is an old vulnerability that has been exploited in the last days. New bots have been written that include a Mod Security Vulnerability allowing remote files to be uploaded evading the anti malware softwares.
We have patched the system in order to detect this kind of attacks and block them.