Umbraco September 2018 Security Advisory

Umbraco patch available now

Robert Foster · 21 September 2018

Umbraco have just released a patch for an issue affecting a library used by the CMS that could lead to exposure of private information.  A fix is available for affected sites along with instructions on how to implement it.  Umbraco recommends applying the patch to affected sites as soon as possible.

How to find out if you're affected

The affected versions are as follows:

  • 4.11.9 - 4.11.10
  • 6.0.6 - 6.2.6
  • 7.0.0 - 7.12.2

To work out what version your website is built on, the following handy reference should help you:

Umbraco 4 and 7 Version information is found in the About dialog
Umbraco version information for 4 and 6 is found in the About Dialog accessible by clicking on "About" in the top right corner
Umbraco 7 Version info
For Umbraco 7 it's found by clicking on the Help icon in the lower left corner - different version of Umbraco 7 may have a different appearance, but the location doesn't change.,

What can I do about it?

You can read about the security patch on Umbraco's blog here - Security advisory: Patch for your site is now available- external link; the details on how to upgrade your website are included in the blog post; however if you would like to engage Your friendly IT Team to manage the upgrade safely and securely for you give us a call or send us a message and we'll respond as soon as possible.

Resources

Related Articles

24 June 2014

First ever Umbraco Melbourne Meetup!

So here it is: The first ever Melbourne Umbraco Meetup; date locked in for the first Wednesday of July, and hosted by the good folks at Roadhouse Digital.

Indexing content in complex Umbraco data types
25 September 2018

Indexing content in complex Umbraco data types

The Umbraco CMS is a very flexible and open platform for building an expressive and intuitive Content Editors interface, but sometimes that comes at a price when it comes to indexing the produced content for Lucene/Examine based searching.  A bit like looking for the needle in the haystack. In this article, Rob takes a look at ways to clean that content up while indexing to surface keywords and presentation without any messy artifacts.