For those who haven’t seen/heard…
2 Likes
From a non-IT-trained person who somehow ended up wearing an IT hat… how would one review their company’s website to determine if it uses (or has a WordPress Plug-In or other which might use) the Polyfill platform?
… asking for a friend.
2 Likes
If you are running WordPress then the Plugins/extenaions are in their own menu in the control panel…
Which reminds me 
MOVEit again…
And possibly TeamViewer:
4 Likes
Well, I haven’t seen any evidence of Polyfill, no direct code or plug-in from them… but, still have to worry about someone else’s code. My IT group was able to patch their security to evaluate website code for apparent red-flags pertaining to that one and then started combing our site as if they were a typical visitor to see if anything set off any alarms. So far so good.
We do use TeamViewer, so, that’s a concern. I alerted my IT group, and they said they were already aware of that one. But I hadn’t heard about it, so, thanks for the link @Mark_Wonsil.
2 Likes
Luckily, the polyfill.io one was patched at the infrastructure level, at least at cloudflare.
Cloudflare redirected any requests to polyfill.io to their own cdn, with clean versions of the code.
polyfill.io has been taken down as well.
2 Likes