Critical WordPress Update

Standard

I’ve been using WordPress for a while now, and this is the first time I’ve heard of a critical WordPress exploit… I just upgraded to 2.1.2 and I recommend you read the articles below and upgrade immediately!

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

10 thoughts on “Critical WordPress Update

  1. I’m glad you’re also trying to get the word out about this critical update. I also mentioned it in my RSS feed by del.icio.us and on the Godbit forum.

    Thanks for sharing the two wordpress links. I hadn’t seen the second post about the Emergency Update Notification for WordPress 2.1+.

  2. I saw the links on the WP dashboard… I’m not sure what the exploit was… but I did notice a weird folder in my root site dir last night that was created on 2 Mar 07. Hopefully they’ll release more info on what exactly happened and what could have happened if people didn’t upgrade.

  3. I saw the links on the WP dashboard… I’m not sure what the exploit was… but I did notice a weird folder in my root site dir last night that was created on 2 Mar 07. Hopefully they’ll release more info on what exactly happened and what could have happened if people didn’t upgrade.

  4. Yeah, I noticed the message on my dashboard late yesterday afternoon. I haven’t checked to see if anything weird is going on with my blog yet, but I hope they post some additional info about the problem. My guess is the WordPress developers want to wait till people have a chance to update the software before publishing information about the exploit…no need for more people to have the knowledge to hack wordpress.

  5. Yeah, I noticed the message on my dashboard late yesterday afternoon. I haven’t checked to see if anything weird is going on with my blog yet, but I hope they post some additional info about the problem. My guess is the WordPress developers want to wait till people have a chance to update the software before publishing information about the exploit…no need for more people to have the knowledge to hack wordpress.

Comments are closed.