Urgency on Security Fixes for Bug 80338 and Bug 84547
Bug 80338 (Feb 2013) is a Local File Inclusion vulnerability that leads to potential Privilege Escalation:
Bug 84547 is a newer Critical Security Vulnerability (Dec 2013) that has not had further details released (in order to protect other customers):
There is great urgency for getting this patched on your platform, as there is an exploit for Bug 80338 in the wild, discussed here:
And it has been used to install upload rogue Zimlets and bitcoin mining processes (and potentially others) on some customer systems. You can read about the clean-up steps for this here:
As noted, there are patches and upgrades available here:
Please let us know if further questions. Please upgrade or patch at first opportunity. Sorry for the difficulties on this.