MySQL Security Hole Found

joomla support cheshire manchester merseyside north west uk

A security hole has been reported which affects MySQL, the database application used by the Joomla! CMS.

The security hole can be used to gain root access on poorly configured servers.

Patches have been quietly released by the MySQL developer but some web hosting companies appear to have been rather slow on the uptake.

All default installations of MySQL 5.5, 5.6 and 5.7 are affected.

JOOMLERS should check that the server hosting their website is using at least one of the following MySQL releases (depending upon version used):

  • 5.5.52,
  • 5.6.33 or
  • 5.7.15.

Source: The Register.


MySQL Derivative are also affected

MySQL derivatives:

are also affected.

The developers have issued fixes to address the reported failings.

Read more at the above links.

Which MySQL version is recommended by Joomla!

The Joomla! Project recommend MySQL version 5.5.3 + for Joomla! 3.

Source: Joomla! CMS Technical Requirements.

However, following the discovery of the security hole, you should check the System Information screen to see which version/release of MySQL is being used by your website.

If your website uses MySQL version 5.5 then it should be showing the following release: 5.5.52.

If not then you should contact your hosting company.

Read more: How to view System Information.


Make Joomla! CMS Security YOUR #1 Priority

joomla support cheshire manchester merseyside north west ukWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.