Late last week, the Joomla! CMS leadership announced that there was a security release being published on October 25 at 11:00 am (ET) to address a critical security vulnerability. We were advised to plan to apply this update immediately. Release 3.6.4 came out today as planned.
eKamria updated all Joomla! websites updated before noon and notified all customers about the update.
In our five years using Joomla!, this is only the second time we experienced this type of urgent notification. We received notification from Joomla! as well as from companies specializing in Joomla! security and Joomla! training. Here is a link to the Joomla! CMS Security Release 3.6.4 notice if you would like to learn more.
This was a high priority fix. Once the release was out, those who wish to exploit the vulnerability also know about it. We appreciate all the work that the Joomla! volunteers did in getting this release out in a timely manner and for getting the word out so we could prepare. We have only been impressed with the Joomla! community over these years, and this is a good example why!