
RCE bug found in platform that powers Wikipedia, other “Wiki” sites

Researchers have discovered a critical vulnerability in MediaWiki, an open source web platform used to manage Wikipedia.org and other “Wiki” sites.

On Wednesday, Check Point Software Technologies, an Israel-based security firm, revealed that MediaWiki software version 1.8 and later was vulnerable to remote code execution (RCE).

The RCE bug is particularly threatening to users' online safety because an attacker can remotely exploit the vulnerability to gain control of a Wikipedia.org web server, for instance, and potentially spread malware to site visitors.

According to internet traffic rankings from Alexa, Wikipedia.org is the sixth most popular website in the world.

On Tuesday, Chris Steipp, a software security engineer at Wikimedia Foundation, posted an announcement online saying that a security update was available for MediaWiki users in light of the bug discovery.

“Your MediaWiki installation is affected by a remote code execution vulnerability if you have enabled file upload support for DjVu (natively supported by MediaWiki) or PDF files (in combination with the PdfHandler extension),” Steipp wrote. “Neither file type is enabled by default in MediaWiki installations. If you are affected, we strongly urge you to update immediately.”

Check Point notified the security team for MediaWiki about the vulnerability on Jan. 19.
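As an added check, not from the article or from the MediaWiki project: a small Python script that reads a LocalSettings.php and reports whether either condition Steipp names above holds, that is, DjVu uploads switched on or PDF uploads with the PdfHandler extension loaded. The setting names ($wgFileExtensions, $wgEnableUploads, the PdfHandler include) are MediaWiki's own, but the parsing is a regex heuristic and both sample configs are constructed for the example.

```python
import re

# Constructed LocalSettings.php fragments (not from any real wiki) used as sample input.
EXPOSED_SETTINGS = """<?php
$wgEnableUploads = true;
$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg' );
$wgFileExtensions[] = 'djvu';   // native DjVu support switched on
$wgDjvuRenderer = "/usr/bin/ddjvu";
require_once( "$IP/extensions/PdfHandler/PdfHandler.php" );
$wgFileExtensions[] = 'pdf';
"""
DEFAULT_SETTINGS = """<?php
$wgEnableUploads = true;
$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg' );
"""

def _strip_comments(src):
    """Drop /* */ and line comments so commented-out settings are not counted."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"(?m)(//|#).*$", "", src)

def allowed_upload_extensions(src):
    """Union of every extension named in a $wgFileExtensions assignment or append.
    Heuristic: a later reassignment is not treated as clearing earlier entries."""
    exts = set()
    stmts = re.findall(r"\$wgFileExtensions(?:\[\])?\s*=\s*(.*?);", _strip_comments(src), flags=re.S)
    for body in stmts:
        exts.update(e.lower() for e in re.findall(r"['\"]([A-Za-z0-9]+)['\"]", body))
    return exts

def pdfhandler_loaded(src):
    """True if PdfHandler is pulled in via require/include or wfLoadExtension (assumed forms)."""
    pat = (r"(?:require_once|include_once|require|include)\s*\(?\s*['\"][^'\"]*PdfHandler[^'\"]*['\"]"
           r"|wfLoadExtension\s*\(\s*['\"]PdfHandler['\"]")
    return re.search(pat, _strip_comments(src)) is not None

def assess_exposure(src):
    """Report which of the two conditions named in the advisory hold for this config."""
    exts = allowed_upload_extensions(src)
    djvu = "djvu" in exts
    pdf = "pdf" in exts and pdfhandler_loaded(src)
    return {"djvu_uploads": djvu, "pdf_uploads": pdf, "affected": djvu or pdf}

if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED_SETTINGS), ("default", DEFAULT_SETTINGS)):
        print(name, assess_exposure(cfg))
```

A wiki that reports `affected: True` should apply the security update before anything else; a `False` result only means these two upload paths are off, not that the installation is otherwise current.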
