------- VBULLETIN 4 PATCHES RELEASED --------------------
A flaw within a side query that is used in the search UI has recently been discovered that affects all versions of vBulletin 4 Forum Classic and vBulletin 4 Publishing Suite. This flaw may enable malicious individuals to inject sql that would allow you to run arbitrary queries on the db via this exploit. To resolve this issue, it has been necessary to release a patch level version on all versions of vBulletin 4.X. The issue does not affect vBulletin 3.X to the best of our knowledge. We are not aware of a website that has been compromised by this flaw.
For further details, please check here:
http://www.vbulletin.com/go/vb4xp
To rectify the issue please download the patch from the members area of vBulletin:
http://members.vbulletin.com/
We recommend you install this security patch as soon as possible.
The upgrade process is the same as previous patch level releases - simply download the patch from the Members' Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required.