Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 1

Serious security breach in Wikipedia

Hackers can use a loophole in one of the world's largest Web sites, remotely take control of it and plant

malware in it. The same loophole also affects hundreds of thousands of other sites.

A particularly severe security breach was discovered on the MediaWiki platform, which is relied by

hundreds of thousands of websites across the net, including the online encyclopedia site Wikipedia, one

of the ten most viewed websites on the Internet.

The loophole is a RCE type (Remote Code Execution), which is one of deep and serious loopholes that

can be detected on a website and that allows remote code execution on a site.

This is the third RCE type breach that was discovered in MediaWiki since its launch in 2006, however it

is probably the most serious breach, because it does not require special tools, browser extensions or

advanced knowledge. Anyone can use the loophole from a browser, and it is very simple to perform.

Even worse, the loophole allows a hacker to gain full access to the web server on which the website is

stored, with all the related implications. The hacker can access the database of the site, the

organizational intranet that is connected to the site, to its users and more. Hackers can also easily

Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 2

transplant malicious code in the site and make any Wiki site a distributor of spyware and Trojans. In

the case of Wikipedia, the hackers could also gain access to all the details of the editors and editorial

history.

The Wikimedia Foundation was already notified about the breach, and quickly amended the security

hole on Wikipedia by releasing new site platform version 1.22.2 with security updates. It is expected

that most independent sites will quickly repair the fault as well. As mentioned, the official website of

Wikipedia has already been fixed.

Because MediaWiki is an open-source platform based on PHP, it allows creating free private and public

Wikipedia websites. There are now hundreds of thousands of Wikis in the world, some deal with

matters such as books, movies and TV series. There are also quite a few internal organization Wikis

such as banks and universities that are all based on MediaWiki and all are vulnerable to attack.

The Wikipedia site combines over 400 thousand Wikis Communities, and together have more than 200

million visitors a month.

It is unknown how many Wiki sites are there all over the world, but the number may be higher than one

million. Not all Wiki sites are vulnerable, but only those that allow uploading of files such as PDF and

other formats.

However, by definition it is a very popular functionality that is implemented in most Wiki sites.

Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 3

About TotalDefense:

Total Defense(@Total_Defense) is a global leader in malware detection and anti-crimeware solutions. We offer a broad portfolio of leading security products for the consumer market used by over four million consumers worldwide. Our solutions also include the industry’s first complete cloud security platform, providing fully integrated endpoint, web and email security through a single Web-based management console with a single set of enforceable security policies

Total Defense is a former business of CA Technologies, one of the largest software companies in the world, and has operations in New York, California, Europe, Israel and Asia.

Visit http://www.totaldefense.com/ for web, cloud & mobile security solutions for home users and businesses.