Security update for 4.10.0

Written by:

Just now, Shannon stumbled upon a bug in the recent 4.10.0 release, that exposes a security issue |
This security problem ONLY affects installs of 4.10.0

Just now, Shannon stumbled upon a bug in the recent 4.10.0 release, that exposes a security issue. 

This security problem ONLY affects installs of 4.10.0 and is easily fixed by downloading the patch file on CodePlex to upgrade your site to 4.10.1.

How to upgrade:

  • Download the
  • If you extract the files using Window's built in compression tool you will need to 'UNBLOCK' the ZIP filefrom the Properties Dialog before doing so. Otherwise your installation may not include all required files.
  • Place the dll files you find in the patch zip file in your /bin folder
  • Change the version number in your web.config from 4.10.0 to 4.10.1
    • Or if you still have the install folder in place, run the installer, it will do the exact same thing (update the version number). There are no database upgrades.
  • All done!

We've update the version checker so anybody running 4.10.0 should see an upgrade message soon.

We urge everybody with a 4.10.0 site to upgrade to 4.10.1 as soon as possible. Versions OTHER than 4.10.0 are NOT affected at all, so you won't need to take any action for those.

Our sincere apologies for the incovenience!

Loved by developers, used by thousands around the world!

One of the biggest benefits of using Umbraco is that we have the friendliest Open Source community on this planet. A community that's incredibly pro-active, extremely talented and helpful.

If you get an idea for something you would like to build in Umbraco, chances are that someone has already built it. And if you have a question, are looking for documentation or need friendly advice, go ahead and ask on the community forums.

Want to be updated on everything Umbraco?

Sign up for the Umbraco newsletter and get the latest news and special offers sent directly to your inbox