A recent vBulletin 4 (all versions, Suite & Classic) report indicated that if an installation had been hacked previously, the attacker could hide malicious code to allow a repeated attack. To further strengthen vBulletinÂ’s security - additional security checking and query cleaning were added to thwart such attacks.
The issue does not affect vBulletin 3.x.
To improve the security of your vBulletin 4 installation please download the patch from the members area of vBulletin: http://members.vbulletin.com/
We recommend you install this security patch as soon as possible.
The upgrade process is the same as previous patch level releases - simply download the patch from the Members' Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required.
More...
The issue does not affect vBulletin 3.x.
To improve the security of your vBulletin 4 installation please download the patch from the members area of vBulletin: http://members.vbulletin.com/
We recommend you install this security patch as soon as possible.
The upgrade process is the same as previous patch level releases - simply download the patch from the Members' Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required.
More...
