vBSEO Security Bulletin - vBSEO 3.3.2 Released

October 27, 2009

A potentially serious security vulnerability has necessitated the release of vBSEO 3.3.2. All customers are urged to upgrade immediately to vBSEO 3.3.2. This hole effects all versions prior to 3.3.2. If left un-patched, your system could become compromised.

3.3.2 also contains a few minor bug fixes that have been reported since the 3.3.1 release.

Download 3.3.2 Now
https://www.vbseo.com/downloads/


Patching Older Versions
If you are not prepared to upgrade to 3.3.2 at this time, patching your current version is available. Please download the file that correlates to your installed version and follow the instructions below:

Patch for vBSEO 3.3.2: vBulletin SEO Forums
Patch for vBSEO 3.3.1: vBulletin SEO Forums
Patch for vBSEO 3.3.0: vBulletin SEO Forums
Patch for vBSEO 3.2: vBulletin SEO Forums


vBSEO versions 3.1 and older have met End Of Life and will not be patched in this or future updates. If you are on a version older than vBSEO 3.2, you should upgrade to at least vBSEO 3.2 (latest, 3.3.2 recommended).

Installing the Patch:
Advanced users:

• FTP the files, overwriting current installation files.

Step by Step:

• Download the correct version for your board's vBSEO version from the link above
• Extract the archive with an un-zip tool
• Upload entire contents of the folder to your vBulletin installation folder, allowing for overwrite within your FTP client to replace current files.

There is no upgrade script, product to install, .htaccess file changes, or config file changes needed to be made with this patch.


Need Help?
If you have any questions about upgrading or patching your install, please create a support ticket: vBSEO.com Helpdesk. Our staff are standing by to help should you run into a problem.

Your security is our top priority,
The vBSEO Team

Am I the only one have trouble with the 3.3.2 download? The file is unrecognized or the wrong format according to my computer.

Jim

I just tested the download again. Working fine here.

When does it give you this error? on download? on unzip?

Download for 3.3.2 full worked fine - but after upgrading I got problems with license key. After several minutes it worked again ... strange things.

When using IE8, it gives an error during the download. I tried again and didn't get the error and it appears to have downloaded the whole package and I was able to unpack it. I have not installed the upgrade on my own forum yet though.

When downloading the package for one of my customer's, I use Firefox and it does download. But when I try to unpack it, I get this error:

Originally Posted by WinRAR Diagnostic messages:

[path to package]: The archive is either in unknown format or damaged

Jim

Originally Posted by eJM

When using IE8, it gives an error during the download. I tried again and didn't get the error and it appears to have downloaded the whole package and I was able to unpack it. I have not installed the upgrade on my own forum yet though.

When downloading the package for one of my customer's, I use Firefox and it does download. But when I try to unpack it, I get this error:

Jim

Try using the default Windows unzipping feature, instead of Winrar.

How "potentially serious" is this? Can we have some details?

My server admin has dropped off the face of the planet, and apparently the credentials have changed. I need to know if I have to disable vBSEO until I can get access.

Originally Posted by hydn

What's the difference between the patch and the version upgrade as far as file changes?

I notice only two files changed in the patch download.

Thanks

3.3.2 also includes fixes for bugs that were discovered within vBSEO 3.3.1. Please remember that vBSEO version updates always include bug fixes that are discovered in older versions. That's why we always suggest our users run the latest vBSEO versions.

Originally Posted by hydn

Thanks, whats the link to the change log?

As this is a security update we'll not supply a detailed change log within this release.

Originally Posted by mmorpgitalia

hihihihihihi!! Lol!

Thanks for the notice , corrected