Actualización de seguridad Panel Plesk 10.4 e inferiores

Desde Parallels nos informan de la publicación de una nueva actualización de seguridad referida a su panel en versiones 10.4 e inferiores, tanto para sistemas operativos Linux comom windows.

En esta ocasión se trata de una actualización de seguridad crítica que debería aplicarse a todos los paneles con versiones 10.4 o inferiores, es importante remarcar que esta actualización NO será necesaria de activar en paneles con versión 11.

Nuestra recomendación sería actualizar todos vuestros servicios a versión 11 para actualizar la seguridad de vuestros equipos de forma urgente, en caso de no ser posible esta actualización aplicar el parche para la versión correspondiente. Podeis encontrar toda la información sobre estos Microupdates en el siguiente enlace,

http://kb.parallels.com/114377

Os copiamos a continuación la información facilitada por Parallels,

PARALLELS PLESK PANEL

PARALLELS PLESK PANEL – SECURITY ADVISORY

Dear Parallels Plesk Panel Customer:Please read this message in its entirety and take the recommended actions.Parallels has released a new set of Critical MicroUpdates for certain versions of Plesk Panel 10.4 or earlier to address functional fixes, stability, and security – including for third-party components. This notification is intended to encourage all customers to apply these MicroUpdates at their earliest convenience. These MicroUpdates are not needed for Parallels Plesk Panel 11. Updating prior versions to Parallels Plesk Panel 11 eliminates the need to apply this set of Critical MicroUpdates. Parallels Plesk Panel 11 can be downloaded from: http://www.parallels.com/download/plesk. These Critical MicroUpdates are available for Windows and Linux for the following versions of Parallels Plesk Panel:
  • 10.4.x
  • 10.3.x
  • 10.2.x
  • 10.1.x
  • 10.0.x
  • 9.5.x
  • 9.3.x
  • 9.2.x
  • 9.0.x
  • 8.6.x
  • 8.4.x
  • 8.2.x
Please refer to this Knowledge Base article for installation instructionshttp://kb.parallels.com/114377.By applying this new MicroUpdate, all previous MicroUpdates will also be applied (including those discussed in the most recent advisory: http://kb.parallels.com/113321).Independent of this update Parallels has become aware of unsubstantiated claims of a new Security Vulnerability in Parallels Plesk Panel version 10.4 and earlier (http://kb.parallels.com/en/114330). After extensive investigation, Parallels has traced all reported issues back to the vulnerability already reported and closed with the February 2012 security advisory http://kb.parallels.com/113321. This vulnerability has had patches and remediation steps available since February 2012. Parallels takes the security of our customers very seriously and encourages you to take the recommended actions as soon as possible.Important Note: Your updated Parallels Plesk Panel installation will only be secure if your underlying server infrastructure is correctly maintained and patched. Please ensure that all your server components including operating systems and databases are correctly patched and up-to-date.- The Parallels Plesk Panel Team
About the Author

Comparte esta página: