Joomla update resolves two critical issues and 2FA error read more at here www.spinonews.com/index.php/item/1427-joomla-update-resolves-two-critical-issues-and-2fa-error

Joomla, the world's second popular open source Content Management System (CMS) are strongly encouraged to update their sites immediately. 

According to a report from Joomla! The company releases the most recent version of the CMS, 3.6.4, fixing two critical issues that can lead to account creation and elevated privileges.

Joomla! 3.6.4 is available. It's a security release and we strongly recommend that you update your sites immediately https://t.co/YKr6MamPAx

— Joomla! (@joomla) 25 October 2016

Both the critical vulnerabilities affect Joomla version 3.4.4 through 3.6.3. The update also includes a bug fix for Two-Factor Authentication (2FA).

The account creation bug could allow any user to register on a website, even if the registration process has been disabled, while the elevated privileges flaw could enable users to perform advanced functions on a registered site that ordinary users are not authorized to do.

The update also remedies a two-factor authentication error that started popping up in the CMS last week. Users claim they were met with “Must match character set” error notifications and forced to remove 2FA via their site databases to gain access.

Millions of websites used in e-commerce and other sensitive industries used Joomla, including big brand services such as McDonalds, Linux.com, General Electric, and major news sites.