• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Get Started
Support
Call us
Email Us
BizzyWeb | Minneapolis Web Design & Digital Marketing

BizzyWeb | Minneapolis Web Design & Digital Marketing

The Best Choice for Digital Marketing in Minnesota

  • Services
    • Growth-Driven Web Design
    • Digital Marketing
    • Inbound Marketing
  • Portfolio
  • About
    • About Us
    • Our History
    • Our Team
    • Tools We Use
  • Events
  • BizzyNews
  • Contact
  • Get Started
  • Support
You are here: Home / BizzyWeb / Important Support Reminder: TimThumb Update Required for Affected Sites
Call us
Find BizzyWeb

Important Support Reminder: TimThumb Update Required for Affected Sites

10 years ago

Reading Time: 2 minutes

Earlier this month, hackers began exploiting a vulnerability discovered in an image-resizing utility called TimThumb. This tool, which is widely used in over 40 million WordPress powered websites, was used on many BizzyWeb websites created before October 2010, and requires an update and/or removal to fix the vulnerability. Any BizzyWeb customers whose site was developed on or after October 2010 are not affected by this issue. 

After some analysis and waiting out the pundits and security experts, we’ve gauged the danger to be great enough that we wanted to alert each of our customers and offer to update their sites. BizzyWeb customers who host with us via BizzyWeb’s branded hosting service have already had this issue fixed for free as part of our hosting agreement (if you’d like to enjoy similar security and convenience, please contact us to talk about our branded hosting plans). 

Details of the TimThumb vulnerability are included below: 

Mark Maunder, the CEO of Feedjit, discovered the problem when his own blog started loading ad content when previously his blog contained no ads. 

He blogged about the problem, tracing it to an issue with the “timthumb.php” library, which is used within the theme he purchased for his blog..  The timthumb.php library was used in many free and premium themes to resize images for thumbnails. The developer of TimThumb, Ben Gillbanks, was the first to comment on Maunder’s post. “I can’t apologize enough for this oversight in the code and hope nobody has anything too bad happen to their sites because of my error.“

Mark Maunder and Ben Gillbanks, and other members of the WordPress community have been working tirelessly over the last several days to get the message out and to release fixes that take care of the problem. For more information about the TimThumb.php hack, and how to patch your website please visit Mark Maunder’s website.

More information is also available at Matt Mullenweg’s site (the founder of WordPress). 

Beginning in mid 2010, BizzyWeb has exclusively developed websites using the Genesis framework for WordPress, and websites developed with the Genesis framework are not affected. Some of the websites we developed prior to moving to the Genesis framework likely have the TimThumb vulnerability.  

How can you tell if your site uses the Genesis Framework?

  1. Log into your  websites dashboard
  2. Look for  the Genesis Settings area on the left hand side

If your site isn’t using the Genesis Framework, please contact your existing webmaster and share a link to this page with them (if your site is managed through BizzyWeb via Dreamhost, we can make changes for a fee, or we can move you to our branded hosting and take care of the vulnerability as part of the hosting agreement).  If you need to direct your current webmaster to more information about this vulnerability and how to patch it at Mark Maunder’s website.

BizzyWeb is also available to help.  Please contact us and fill out a Support Request at BizzyWeb.com/Support.

You can subscribe to the customers-only updates by email by clicking this link (1-3 times per month, only for customers, gets you access to special customer-only offers, training classes and more).

And you can also subscribe to BizzyWeb News and tips by email (1-3 times per week, consisting of industry news, helpful tips and tricks and more).

Author: Dave Meyer Filed Under: BizzyWeb, Client Updates, WordPress Tagged: security, service, support, TimThumb

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

How to Convince Your Boss to Choose GDD Over Traditional Web Design

How to Convince Your Boss to Choose GDD Over Traditional Web Design

2 years ago

For those considering a Growth-Driven Design program, here is how you can convince your boss it's a worthy investment. 

Growth-Driven Design for the Manufacturing Industry

Growth-Driven Design for the Manufacturing Industry

2 years ago

With the rise of smaller shops and more tech-savvy customers, a functional manufacturing website is now a necessity. Growth-Driven Design can help you get there.

Why Growth-Driven Web Design Can Improve Your Sales Process

Why Growth-Driven Web Design Can Improve Your Sales Process

2 years ago

If your website isn't bringing you consistent quality leads, it's time to try a new approach: Growth-Driven Web Design.

Footer

Services

  • Digital Marketing
  • Inbound Marketing
  • Growth-Driven Web Design
  • Email Marketing
  • Pay Per Click Advertising
  • Search Engine Optimization
  • Social Media
  • Web Design
  • Brand Strategy
  • Website Hosting

Resources

  • Tutorials
  • Webinar Archive
  • Events
  • Client Area
  • Careers

Follow Us

Find Us

11190 Commerce Dr N
Minneapolis, MN 55316

612.424.9990

Keep In Touch

Subscribe to BizzyNews for the latest trends in Web Design, Inbound Marketing and Digital Marketing. Join over 5,000 people who receive our free monthly tips.

Partners

Copyright © 2021 · Minneapolis Web Design by BizzyWeb All Rights Reserved | Privacy Policy | Terms & Conditions | Log in