14 DAY TRIAL // Earlier this week, we learned that hackers breached OpenX.org and compromised the download files for OpenX Source 2.8.10. The altered files, which allowed hackers to execute arbitrary code on the affected website, had been hosted on the site since November 2012.
Today, OpenX has released version 2.8.11 of the OpenX Source. Upgrading to the latest version is mandatory, the company says.
“This vulnerability only applies to the free downloadable open source product, OpenX Source,” Nick Soracco, OpenX senior application security engineer, wrote in a blog post.
“It’s important to note that all of OpenX’s main suite of products, including OpenX Enterprise (ad serving), OpenX Market (exchange) and OpenX Lift (SSP) are not affected in any way and customers of those products should be advised that no action is necessary.”