By March 6, 2007

Emergency WordPress upgrade to 2.1.2

Just in case you haven’t seen it on your WordPress dashboard, there is an emergency update to take WordPress to 2.1.2. There was a problem with the 2.1.1 version because a cracker modified the WordPress code that would allow for remote PHP execution. Here’s an excerpt from the official WordPress news release:

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

If you are running 2.1.1, as Gibberish was, please update immediately.

Related posts:

No tags for this post.
Posted in: link and run, site news

Comments are closed.