msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Vulnerability Advisories for Third-Party Scripts

   22 Apr 09   Filed in Tips and Tricks

Building sophisticated websites is pretty easy these days.  Whatever you want (blog, forum, eCommerce solution, picture gallery, video sharing site, or even your own social network) – there is a free third party script that you can use to build your site in a matter of hours.

However this ease comes at a price. Unfortunately, no software is perfect. Hackers have a great incentive to find vulnerabilities in popular scripts – if they find a security hole, they can exploit thousands (and sometimes even millions) of websites that use the buggy script.  And the fact that most popular script are free  Open Source software helps hackers immensely.

If you are using third party scripts, the rule of thumb is to upgrade as soon as a new version or security patch is available.  Go to the vendor’s site and check if a new version is available. Subscribe to mailing lists or RSS feeds to be notified about upgrades and security issues of current versions.

If, for some reason, you prefer not to upgrade (bad idea), at least make sure the version you use doesn’t have known vulnerabilities.

Secunia

There is site called Secunia that provides up-to-date vulnerability advisories. You can search advisories by product or by vendor.

I’ve compiled a list of links to information about known vulnerabilities for a few popular scripts:

Be proactive. If you have to use third party scripts, make sure they are secure and up-to-date. Don’t let your laziness ruin your site, your online business, and your reputation.

Comments are closed.