WHID 2008-41: A Joomla first day exploit

Joomla is a widely used open source content management system. Many administrators reports that a vulnerability announced August 12^th was immediately exploited by hackers to attack Joomla based web sites. Another report shows a specific site that was defaced by exploiting the same vulnerability.

This incident shows the importance of timely patching, but also brings back the age old debate around publication of vulnerabilities by researchers. Does it contribute to software security or just helps the hackers?