Use MediaWiki and hate malware? This patch is for you
Check Point Software Technologies has announced a remote code execution bug in the popular MediaWiki platform that powers Wikipedia.
As detailed here: “Your MediaWiki installation is affected by a remote code execution vulnerability if you have enabled file upload support for DjVu (natively supported by MediaWiki) or PDF files (in combination with the PdfHandler extension). Neither file type is enabled by default in MediaWiki installations. If you are affected, we strongly urge you to update immediately.”
The vulnerability affects all versions of the software higher than 1.8. MediaWiki attributes discovery of the bug to Checkpoint’s Netanel Rubin, and the link above provides the relevant patch.
According to Check Point, an attacker could gain access to a vulnerable MediaWiki server and use it to push malware to visitors.
As Check Point notes, Wikipedia gets 94 million visitors per month, making the potential reach of an exploit pretty serious.
It is, the company says, only the third RCE bug turned up in MediaWiki since 2006. ®