Hardly a week goes by that a new exploit or attack vector doesn’t come to light that your IT staff has to try to defend against.
The most recent threat comes from a vulnerability in the PHP Mailer Library, which is code used by most of the websites in existence today to help manage the sending of emails.
If you have a website for your business, then it’s almost certain that you have a form your customers can use to reach out to you. If you do, then odds are good that you’re using code from the PHP Mailer Library regardless of it you’re aware of it.
This particular threat has a bit of a story behind it because it was first uncovered a couple of months ago by a security researcher named Dawid Golunski.
In response to his discovery, a patch was released (PHPMailer 5.2.18), but it was later found that the patch was incomplete. Hackers could bypass the patched portion of the code and execute the exploit anyway. A new patch is being readied in response.
In terms of risk, this vulnerability isn’t as severe as others we’ve seen in recent months because its exact impact depends in large part on how your website’s mail function is configured.
There’s good news on that front. If you used a CMS (Content Management System) like Joomla or WordPress to build your business site, then the odds of this issue having any notable impact are quite low, because in their default settings, those platforms bypass the vulnerable parts of the code.
Nonetheless, the risk is quite real, and if a hacker uses this exploit successfully against you, he could gain almost total control of your website. The hacker could infect the server your website is on, displaying ads with poisoned images or links to malware that will make life miserable for your customers.
Make sure your staff is aware of the potential problem, and be on the lookout for the latest patch!