What the heck is going on, you ask? Say hello to Tersus.

Bare bones? You got it. Tersus is an achingly simple WordPress theme without all the usual cruft.

Super Ginormous

This is the personal site/blog/experiment of Chris Harrison, a web designer living, working and playing in Augusta, GA.

|

Friday, March 2nd, 2007

Critical WordPress Update

I’ve been using WordPress for a while now, and this is the first time I’ve heard of a critical WordPress exploit… I just upgraded to 2.1.2 and I recommend you read the articles below and upgrade immediately!

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

This item was posted by Chris Harrison.

Tags:

Categories:

You can follow comments on this item via the RSS 2.0feed.

Comments are closed.

10 comments on “Critical WordPress Update”

  1. Posted by Andy Thompson on Friday, March 2nd, 2007.

    I heard it here first. Thanks, bro.

  2. Posted by Andy Thompson on Friday, March 2nd, 2007.

    I heard it here first. Thanks, bro.

  3. Posted by Matt (mithrill) on Saturday, March 3rd, 2007.

    del.icio.us and on the Godbit forum.

    Thanks for sharing the two wordpress links. I hadn’t seen the second post about the Emergency Update Notification for WordPress 2.1+.

  4. Posted by Matt (mithrill) on Saturday, March 3rd, 2007.

    I’m glad you’re also trying to get the word out about this critical update. I also mentioned it in my RSS feed by del.icio.us and on the Godbit forum.

    Thanks for sharing the two wordpress links. I hadn’t seen the second post about the Emergency Update Notification for WordPress 2.1+.

  5. Posted by Chris Harrison on Saturday, March 3rd, 2007.

    I saw the links on the WP dashboard… I’m not sure what the exploit was… but I did notice a weird folder in my root site dir last night that was created on 2 Mar 07. Hopefully they’ll release more info on what exactly happened and what could have happened if people didn’t upgrade.

  6. Posted by Chris Harrison on Saturday, March 3rd, 2007.

    I saw the links on the WP dashboard… I’m not sure what the exploit was… but I did notice a weird folder in my root site dir last night that was created on 2 Mar 07. Hopefully they’ll release more info on what exactly happened and what could have happened if people didn’t upgrade.

  7. Posted by Matt (mithrill) on Saturday, March 3rd, 2007.

    Yeah, I noticed the message on my dashboard late yesterday afternoon. I haven’t checked to see if anything weird is going on with my blog yet, but I hope they post some additional info about the problem. My guess is the WordPress developers want to wait till people have a chance to update the software before publishing information about the exploit…no need for more people to have the knowledge to hack wordpress.

  8. Posted by Matt (mithrill) on Saturday, March 3rd, 2007.

    Yeah, I noticed the message on my dashboard late yesterday afternoon. I haven’t checked to see if anything weird is going on with my blog yet, but I hope they post some additional info about the problem. My guess is the WordPress developers want to wait till people have a chance to update the software before publishing information about the exploit…no need for more people to have the knowledge to hack wordpress.

  9. Posted by Chris Harrison on Saturday, March 3rd, 2007.

    Yeah…. letting people know what could be exploited could encourage people other than the cracker responsible to exploit the exploit.

  10. Posted by Chris Harrison on Saturday, March 3rd, 2007.

    Yeah…. letting people know what could be exploited could encourage people other than the cracker responsible to exploit the exploit.