Wikipedia is one of the most highly visited sites on the Web with over 94 million unique visitors per month. A recently discovered vulnerability could have put those users at risk of malware exploits had it not been discovered.
Check Point researchers found a critical vulnerability in MediaWiki (versions 1.8 and up)—an open source Web platform used to create and maintain ‘wiki’ websites such as Wikipedia.org. If exploited, the flaw would allow an attacker to remotely execute malicious code. A successful attack could enable the attacker to gain complete control of the vulnerable Web server, and possibly compromise visitors by hosting malware on the site.
“It only takes a single vulnerability on a widely adopted platform for a hacker to infiltrate and wreak widespread damage,” said Dorit Dor, vice president of products at Check Point Software Technologies. “We’re pleased that the MediaWiki platform is now protected against attacks on this vulnerability, which would have posed great security risk for millions of daily ‘wiki’ site users.”
Thanks in part to the efforts of Check Point researchers, this crisis has been averted. If attackers had gained control of Wikipedia.org and injected malware code to infect site visitors the results could have been catastrophic and widespread.
This issue also illustrates why it’s important to be aware of discovered vulnerabilities that affect the systems and software you rely on, and why it’s crucial to implement patches and updates in a timely manner when they’re available.
For more details about this specific threat, check out this Threat Cloud Central blog post.
If you have a site that uses MediaWiki 1.8 or later, and you have not applied the latest update, you should do so as soon as possible to ensure your Web server is not vulnerable. Now that news of the flaw is public, and the patch exists for attackers to reverse-engineer, the threat is actually greater and the clock is ticking.