Critical glibc Vulnerability Patched on all SiteGround Servers

gnu

Hours ago a critical vulnerability in  the GNU C Library (glibc) was announced alongside a proof of concept for the attack. This library is one of the main components in the majority of Linux distributions (if not all) including those, used for server OS’es. Without getting into too much technicalities, the exploit allows an attacker to remotely execute code by following a simple link. That’s one of the most severe vulnerabilities discovered in the recent years and potentially affects pretty much any Linux server out there.

Given that all SiteGround servers run on CentOS – a Linux distribution, we took immediate measures to secure our machines. I am happy to announce that a patch has been applied on all our servers and our customers are well protected against this security threat!

author avatar
Hristo Pandjarov

WordPress Initiatives Manager

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

Comments ( 12 )

author avatar

Tom

Feb 18, 2016

At SiteGround, how was this handled and how did it affect customers? At my host, without warning, they took server down for maintenance so my site was down for almost 1 hour. I did not have time to warn site visitors nor did I even know the cause until I rushed home, got on tech support and they told me about this issue.

Reply
author avatar

Iskra Rasheva Siteground Team

Feb 18, 2016

Sorry for your bad experience Tom. At SiteGround we updated the glibc library and reset the services using it with zero downtime for our customers.

Reply
author avatar

Fran

Feb 18, 2016

Hi there, unfortunately my site is still down! Not working at all! Thanks

Reply
author avatar

Iskra Rasheva Siteground Team

Feb 18, 2016

Fran, your site is now up and running! The connection loss was due to a DDoS attack as we informed in your User Area. This is not related to the fixed glibc vulnerability.

Reply
author avatar

Fran

Feb 18, 2016

It's working now! thank you so much!!!!!

Reply
author avatar

Don Green

Feb 18, 2016

My site dreamgreen.org is still down after at least 4 hours. Any news?

Reply
author avatar

Iskra Rasheva Siteground Team

Feb 18, 2016

Don, please log in to your User Area and read the important information we have posted. Your site has significantly exceeded the server resource limits, which has caused the service interruption. Please get in contact with our Support team to assist you further. Note that your case is not related to the glibc vulnerability fix.

Reply
author avatar

Don Green

Feb 18, 2016

Seems like a denial of service attack.

Reply
author avatar

Iskra Rasheva Siteground Team

Feb 18, 2016

Our support specialists will be able to give you more info Don. Please post a ticket and they will look after you.

Reply
author avatar

Mark

Apr 26, 2016

Hello, if possible I'd like to know how Site Ground deal with security vulnerability of Php versions, that have reached the End of Life, like versions 5.3 or 5.4 Thanks

Reply
author avatar

Daniel Kanchev Siteground Team

Apr 27, 2016

Hi, Mark. I already replied to your comment here.

Reply
author avatar

Mark

Apr 27, 2016

Perfect, thank you.

Reply

Start discussion