About 2 weeks ago, I received an e-mail from Barrie North of Compass Designs, telling me about a security vulnerability within Joomla 1.15 wherein a person could get in and change my admin password, thus advising me to urgently upgrade to version 1.5.6 to avoid disaster. Sadly, I did not take notice.
A few days after that, I received an e-mail from somebody, telling me about the same vulnerability. The only difference is that he told me he would fix the issue for $200. So I logged in to my administrator’s control panel and behold… that person changed my admin password. Luckily though, that was the only problem and I have a database back-up so I restored the original password. Right away I downloaded and applied the patch from Joomla.
Lesson learned: always check and apply new patches, especially security patches, and always listen to experts. Yeah I should have listened to Barrie in the first place… 🙂