Difference between revisions of "What is a vulnerable extension?"
From Joomla! Documentation
(New page: A vulnerable extension is one that has been found to contain (or contribute to) a security vulnerability. Vulnerable extensions are not necessarily poorly-coded. As the Web evolves, techn...) |
(added links to vulnerable extension list) |
||
Line 1: | Line 1: | ||
− | A vulnerable extension is one that has been found to contain (or contribute to) a security vulnerability. | + | A [[Vulnerable_Extensions_List_oct|vulnerable extension]] is one that has been found to contain (or contribute to) a security vulnerability. |
Vulnerable extensions are not necessarily poorly-coded. As the Web evolves, technical requirements and commonly accepted coding practices change. Active projects release new versions of their extensions as requirements change. For this reason, it is important to: | Vulnerable extensions are not necessarily poorly-coded. As the Web evolves, technical requirements and commonly accepted coding practices change. Active projects release new versions of their extensions as requirements change. For this reason, it is important to: | ||
Line 6: | Line 6: | ||
# Use only the latest stable version of all extensions. | # Use only the latest stable version of all extensions. | ||
# Completely remove all files of insecure or unused extensions. | # Completely remove all files of insecure or unused extensions. | ||
+ | # Check the [[Vulnerable_Extensions_List_oct|Vulnerable Extension List]] on a regular basis and remove or update any extension version found to be vulnerable. | ||
[[Category:FAQ]] | [[Category:FAQ]] |
Revision as of 12:24, 23 December 2009
A vulnerable extension is one that has been found to contain (or contribute to) a security vulnerability.
Vulnerable extensions are not necessarily poorly-coded. As the Web evolves, technical requirements and commonly accepted coding practices change. Active projects release new versions of their extensions as requirements change. For this reason, it is important to:
- Know the version numbers of all installed extensions.
- Use only the latest stable version of all extensions.
- Completely remove all files of insecure or unused extensions.
- Check the Vulnerable Extension List on a regular basis and remove or update any extension version found to be vulnerable.