Update Joomla 1.5 and 2.5 With Security Hotfixes

[Update]This advice applies for both Joomla 3.4.6 and 3.4.7. They are patching the same file.

Joomla 3.4.6 was released today in order to fix a serious security vulnerability. For Joomla 3 users, updating is a simple one-click process from their admin area.

However, unlike previous security issues, this one applies not only to Joomla 3, but also to older versions including Joomla 1.5 and 2.5.

If you have sites running Joomla 1.5 or 2.5, follow these instructions to update today. According to security analysts, this vulnerability is being actively exploited, so please don't waste any time in updating.

How to make your Joomla 1.5 or 2.5 site safe

You need to update 1 file in order to fix your site. This is the key file:

  • /libraries/joomla/session/session.php

You will need to login to your hosting company's servers via CPanel or FTP.  You need access to the Joomla files, so you can’t do this via the Joomla administrator.

Here's the process you can use to update your site:

Update Joomla 1.5 and 2.5 With Security Hotfixes