{"id":393,"date":"2016-04-08T12:14:16","date_gmt":"2016-04-08T12:14:16","guid":{"rendered":"https:\/\/www.fastcomet.com\/blog\/?p=393"},"modified":"2022-06-10T07:05:32","modified_gmt":"2022-06-10T07:05:32","slug":"pagespeed-module-update-cve-2016-3626","status":"publish","type":"post","link":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626","title":{"rendered":"PageSpeed Module Update Addressing CVE-2016-3626"},"content":{"rendered":"\n<p class=\"has-drop-cap\">Google has released an important <a href=\"https:\/\/developers.google.com\/speed\/pagespeed\/module\/announce-sec-update-201603#overview\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">security notice<\/a> regarding a vulnerability (CVE-2016-3626) in the PageSpeed Module. The recommendation was to immediately update to the newest version of PageSpeed as all previous versions were affected.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>CVE-2016-3626 permits a third party to trick the PageSpeed module into making arbitrary HTTP requests on arbitrary ports and re-hosting the response. If the machine running PageSpeed has access to services that are not otherwise available, this can reveal those resource and can also be used for cross-site scripting (XSS). XSS is one of the most commonly documented security vulnerability and enables attackers to inject client-side scripts into web pages as well as bypass access controls and tracking pages to reveal data as if another page of the same origin has requested it.<\/p>\n\n\n\n<p>We, at FastComet address this by updating all of our shared hosting servers to the latest stable release of PageSpeed (ver. 1.9.32.14). The maintenance was performed without any downtime for our clients and their websites.<\/p>\n\n\n\n<p>Additionally, all FastComet <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.fastcomet.com\/cloud-vps\" target=\"_blank\">VPS<\/a> and <a href=\"https:\/\/www.fastcomet.com\/dedicated-servers\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Dedicated servers<\/a> are set on auto update, thus no further actions from our customers are required.<\/p>\n\n\n\n<p>We have and will continue to stay on top of possible security vulnerabilities that could expose our clients to malicious activities.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google has released an important security notice regarding a vulnerability (CVE-2016-3626) in the PageSpeed Module. The recommendation was to immediately update to the newest version of PageSpeed as all previous versions were affected.<\/p>\n","protected":false},"author":3,"featured_media":643,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[140,4723],"tags":[32,9,78],"class_list":["post-393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-hosting","tag-pagespeed","tag-security","tag-update"],"featured_image_src":"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2016\/04\/page-speed-update.jpg","author_info":{"display_name":"Antoniy","author_link":"https:\/\/www.fastcomet.com\/blog\/author\/antoniy"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>PageSpeed Module Update Addressing CVE-2016-3626 | FastComet<\/title>\n<meta name=\"description\" content=\"To keep our user-base safe from possible exploits involving the CVE-2016-3626 vulnerability found in the PageSpeed Module, we have updated all of our Servers to the latest stable version that hotfixes the issue.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PageSpeed Module Update Addressing CVE-2016-3626 | FastComet\" \/>\n<meta property=\"og:description\" content=\"To keep our user-base safe from possible exploits involving the CVE-2016-3626 vulnerability found in the PageSpeed Module, we have updated all of our Servers to the latest stable version that hotfixes the issue.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626\" \/>\n<meta property=\"og:site_name\" content=\"FastComet Blog\" \/>\n<meta property=\"article:published_time\" content=\"2016-04-08T12:14:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-06-10T07:05:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2016\/04\/page-speed-update.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Antoniy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Antoniy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PageSpeed Module Update Addressing CVE-2016-3626 | FastComet","description":"To keep our user-base safe from possible exploits involving the CVE-2016-3626 vulnerability found in the PageSpeed Module, we have updated all of our Servers to the latest stable version that hotfixes the issue.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626","og_locale":"en_US","og_type":"article","og_title":"PageSpeed Module Update Addressing CVE-2016-3626 | FastComet","og_description":"To keep our user-base safe from possible exploits involving the CVE-2016-3626 vulnerability found in the PageSpeed Module, we have updated all of our Servers to the latest stable version that hotfixes the issue.","og_url":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626","og_site_name":"FastComet Blog","article_published_time":"2016-04-08T12:14:16+00:00","article_modified_time":"2022-06-10T07:05:32+00:00","og_image":[{"width":1024,"height":620,"url":"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2016\/04\/page-speed-update.jpg","type":"image\/jpeg"}],"author":"Antoniy","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Antoniy","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626","url":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626","name":"PageSpeed Module Update Addressing CVE-2016-3626 | FastComet","isPartOf":{"@id":"https:\/\/www.fastcomet.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626#primaryimage"},"image":{"@id":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626#primaryimage"},"thumbnailUrl":"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2016\/04\/page-speed-update.jpg","datePublished":"2016-04-08T12:14:16+00:00","dateModified":"2022-06-10T07:05:32+00:00","author":{"@id":"https:\/\/www.fastcomet.com\/blog\/#\/schema\/person\/9c06dae35ff0e0a3a169eeae762a08d2"},"description":"To keep our user-base safe from possible exploits involving the CVE-2016-3626 vulnerability found in the PageSpeed Module, we have updated all of our Servers to the latest stable version that hotfixes the issue.","breadcrumb":{"@id":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626#primaryimage","url":"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2016\/04\/page-speed-update.jpg","contentUrl":"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2016\/04\/page-speed-update.jpg","width":1024,"height":620},{"@type":"BreadcrumbList","@id":"https:\/\/www.fastcomet.com\/blog\/pagespeed-module-update-cve-2016-3626#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fastcomet.com\/blog"},{"@type":"ListItem","position":2,"name":"PageSpeed Module Update Addressing CVE-2016-3626"}]},{"@type":"WebSite","@id":"https:\/\/www.fastcomet.com\/blog\/#website","url":"https:\/\/www.fastcomet.com\/blog\/","name":"FastComet Blog","description":"FastComet Web Hosting Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fastcomet.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.fastcomet.com\/blog\/#\/schema\/person\/9c06dae35ff0e0a3a169eeae762a08d2","name":"Antoniy","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fastcomet.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/bebc2fa14b210e2e79c8a90be5e115a9b1cae5a04fe1151f238a76958c85a8ed?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/bebc2fa14b210e2e79c8a90be5e115a9b1cae5a04fe1151f238a76958c85a8ed?s=96&d=mm&r=g","caption":"Antoniy"},"description":"Antoniy\u2019s primary goal at FastComet is helping grow our client base through affiliates and strategic partnerships. It is all about statistics analysis, communication with our affiliates, working on various campaigns, searching the web for trends and generating ideas for future projects. You're likely to run across him at some point in the FastComet Community, too because he loves getting in and interacting with our great customers. You can always count on him to come up with strategic ideas for the team and is always searching for the smartest ways to spread our brand and services worldwide.","sameAs":["https:\/\/www.fastcomet.com"],"url":"https:\/\/www.fastcomet.com\/blog\/author\/antoniy"}]}},"_links":{"self":[{"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/posts\/393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/comments?post=393"}],"version-history":[{"count":4,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/posts\/393\/revisions"}],"predecessor-version":[{"id":3729,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/posts\/393\/revisions\/3729"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/media\/643"}],"wp:attachment":[{"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/media?parent=393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/categories?post=393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fastcomet.com\/blog\/wp-json\/wp\/v2\/tags?post=393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}