Important update MySQL security

Important update: MySQL security

Martin Starkie CMS Live Services, Online Security, Server Side & Web Technical

MySQL security issue

As hosting providers, we take any security issues very seriously. Our clients and the successful day-to-day running of their online businesses rely on us being knowledgeable and quick-to-act on any issues that might occur.

Our servers run on MySQL, one of the most widespread database management systems around. Even large companies like Google, Facebook, and Twitter use it.

Recently, a security flaw in MySQL 5.5, 5.6, and 5.7 appeared, affecting thousands of servers out there.

The flaw worked by enabling root access to servers with default configurations. This opened up MySQL’s configuration files to tampering, enabling a false library to be set up on the server and enabling the injection of malicious code.

This meant if a web application’s permissions weren’t locked down on our servers, this single vulnerability could turn into a remote root for hackers to access. This in turn meant our clients’ data and applications were vulnerable to attack or theft.

When issues like this arise, hosting providers like us the fix that is usually issued by the main provider. In this case, MySQL issued updates 5.5.52, 5.6.33, and 5.7.15.

As soon as the update patches for MySQL were released, we applied them to our servers, re-securing them against this vulnerability.

As a hosting provider with our own servers to manage, we need to be aware of vulnerabilities and issues like this all the time. This means staying up to date with industry trends, news, and updates.
Ultimately, it is MySQL that is responsible for the fix and we can only apply the fixes they present. But being aware of the issues puts us far ahead of those who aren’t. We always keep our servers up-to-date and secured.

Web Hosting

Do you need fast reliable web hosting? Get in touch for a friendly chat.

Share this Post