
Checkup Documentation

Security hotfix might be needed

severity-high security-hotfix-needed

Summary

Kentico Xperience security hotfixes are a little different from standard Kentico hotfixes. Security hotfixes keep your site safe from known security vulnerabilities. Kentico only releases a security hotfix when a vulnerability or new attack vector is discovered in the C#, .NET, or JavaScript code of Kentico.

Part of that equation is knowing when a security hotfix is available for your Kentico site. Constant Care for Kentico watches all Kentico Xperience security hotfix releases and notifies you if your site is missing any, so you do not have to manually check for new hotfixes whose absence could expose your site to attacks.

The Toolkit for Kentico team recommends always staying current with all security hotfixes. You shouldn't miss any of them, and you should apply security hotfixes when they are released. Applying every hotfix is not always possible in the real world, though. There are times when a security hotfix is for a feature that you do not use on your site. The tool therefore lets you configure how many missing security hotfixes your site is allowed to have. This allows for some tolerance, but keeps you from getting too far behind.


Check Logic

Constant Care for Kentico checks that the number of security hotfixes you are missing is no more than 0 (the default).

You can manage your settings for this checkup in the Constant Care for Kentico admin settings.


Resolution

To check your Kentico version (including hotfix number), log into the administration site. Then click the question mark at the top right of the screen. This will show the current version of Kentico.

To review the list of Kentico hotfixes, go to Kentico's Hotfix page:

https://devnet.kentico.com/download/hotfixes


Expand your current Main version (e.g. 12.x).
Then click the Security Bugs link to compare the security hotfix version numbers with your current version.
Click the Security bug details to review what was fixed.

If this looks like something that should be installed, work with your team to get the hotfix applied.
Otherwise, you can update your check setting in your Constant Care Admin area to ignore this latest hotfix.
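
The check logic and the manual version comparison described above, as an added example that is not Constant Care for Kentico's own code: it counts the listed security hotfixes that are newer than the installed version within the same main version and compares that count with the configured tolerance. The hotfix numbers are constructed sample values, and the function names, the `major.minor.hotfix` version format and the assumption that hotfixes are cumulative are assumptions of this example.

```python
# Constructed sample data: security hotfix versions as they might be listed
# on the hotfix page. Illustrative values only, not real release numbers.
SAMPLE_SECURITY_HOTFIXES = ["11.0.48", "12.0.9", "12.0.29", "12.0.41", "12.0.41", "13.0.5"]


def parse_version(text):
    """Turn 'major.minor.hotfix' into a tuple of ints.

    Comparing int tuples avoids the string-comparison trap in which
    '12.0.9' sorts after '12.0.29'.
    """
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected major.minor.hotfix, got {text!r}")
    return tuple(int(p) for p in parts)


def missing_security_hotfixes(installed, security_hotfixes):
    """Return the security hotfixes newer than the installed version.

    Assumption: hotfixes are cumulative, so a security hotfix counts as
    missing only when its number is higher than the installed one. Only
    entries for the installed main (major) version are considered.
    """
    current = parse_version(installed)
    missing = set()  # a set drops duplicate entries from the list
    for entry in security_hotfixes:
        hotfix = parse_version(entry)
        if hotfix[0] == current[0] and hotfix > current:
            missing.add(hotfix)
    return [".".join(str(n) for n in v) for v in sorted(missing)]


def run_check(installed, security_hotfixes, max_missing=0):
    """Pass when the missing count is within the tolerance (default 0)."""
    missing = missing_security_hotfixes(installed, security_hotfixes)
    return {"passed": len(missing) <= max_missing, "missing": missing}


if __name__ == "__main__":
    for version in ("12.0.9", "12.0.29", "12.0.41"):
        print(version, run_check(version, SAMPLE_SECURITY_HOTFIXES))
```

Raising `max_missing` reproduces the tolerance setting: with one missing hotfix, the check fails at the default of 0 and passes at 1.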

 

Not sure what to do?

If you are ever unsure about making changes to your site, we encourage you to reach out to your Kentico Xperience Gold Partner. If you do not have a partner, then feel free to contact the Constant Care for Kentico team to get connected with an expert.