Since no software is perfect, the bad guys know that probing websites for vulnerabilities occasionally finds an unintentional back door into the program. Exploiting these vulnerabilities can empower them to send spam, surreptitiously link to their own (usually shady) sites, or worse.
Luckily, these vulnerabilities are usually discovered quickly and reported to the software vendor/developer who produced the package, and a security update or patch is released relatively quickly.
The trick is that you, the site owner, need to be made aware of the update's availability.
WordPress, for one, makes this pretty easy: upon logging into the administrative interface, you're immediately presented with the option to upgrade if a newer version is available. (And don't forget installing WordPress is a snap at Modwest as well.)
Other packages may not have such a feature, and so it's wise for site owners to subscribe to the email list, RSS feed, or forum in which important announcements about your software are released.
Unfortunately it's not feasible for any hosting company to stay abreast of every security update associated with every web software package out there. So, it's important for site owners to stay abreast of the latest updates. Here's a few links associated with some of the most popular webware out there, where you can stay informed:
- WordPress current events
- Joomla's Vulnerable Extensions List and Security Forum
- Drupal's Announcement Forum and Security Mailing List
- Moveable Type Release Announcements
- Zen Cart Release Announcements
- X-Cart Release Announcements
- phpBB Announcement Forum
- vBulletin Announcement Forum
- Gallery Announcement Mailing List
- Interspire Product Update Forum
Don't see your favorite webware here? Feel free to add a comment!
Comments