Joomla is run by a vast network of developers who work on the open-source CMS to offer better functionality, and of course, greater security, for users. One of the biggest drawbacks of opting to go with an open-source CMS is that these are more prone to security vulnerabilities than paid services. In its newly released version 1.6.4, Joomla addresses four security risks that affect versions 1.6.3 and lower.
Joomla 1.6.4, which is available for download, and its corrections include fixes for two cross-site scripting, or XSS, problems, inadequate permission checking that could lead to unauthorized access to sites, and a specific issue with inadequate filtering that led to information disclosure holes. Users are advised to upgrade to this new version to resolve these issues. Also, if you currently have 1.6 and want to upgrade to 1.7 in the future, you’ll need to upgrade to 1.6.4 first.
Joomla powers between 1.4 and 2 million websites and is the United State’ second most popular open-source CMS, behind WordPress. It is used in over 200 countries, and is trusted by governmental agencies, including NASA, the US Army, and the US Air Force. The security issues fixed by version 1.6.4 were all medium- to low-priority.
Version 1.6.4 is available for download via Joomla.org.