Massive Wordpress 2.1.1 Exploit. Upgrade To 2.1.2

Right, this comes as a very important note.

There is an exploit in Wordpress 2.1.1 that was added by a cracker that managed to hack into one of the Wordpress servers. To this date, no one knows when this exactly happened, but if you downloaded version 2.1.1, then you better download and upgrade to Wordpress 2.1.2 right away due to the exploit that allows for remote PHP execution.

Further details can be found at the Wordpress Development Blog which explains the problem and what you could do to help out.

Download Wordpress 2.1.2 at the Wordpress.org site.

This shows almost any site no matter what they are, can be vulnerable against security breaches. The smartest thing you can do now especially if you're a Wordpress user is check to see it you're running Wordpress 2.1.1 or if you don't know, contact your webhost or the person helping you run the blog to find out and then upgrade to the latest version.

That goes to say vigilance is key to protecting yourself. I'm glad that the guys developing Wordpress were on their toes on this one. We should all be very glad indeed.

0 Trackback and Pingbacks: »

5 People Said A Couple Of Things: »

earl-ku wrote from on March 3, 2007 at 08:03 and said:

but 2.1 is fine?

Comment Permalink
Kamigoroshi wrote from on March 3, 2007 at 08:27 and said:

Version 2.1 is fine. The exploited code only affected Version 2.1.1.

Comment Permalink
sharina wrote from on March 3, 2007 at 11:43 and said:

Blogspot ftw

Comment Permalink
Davoood wrote from on March 3, 2007 at 18:56 and said:

Or Movable Type? Nah….just keep up to date with the security news and we’ll be fine.

Comment Permalink
Kamigoroshi wrote from on March 3, 2007 at 19:30 and said:

Sharina: Hahaha…if you’re fine with it, then that;s alright. I like total control of my blog, that’s why I stick with it.

Davoood: Yeah, as long as everyone pays attention, we’re all good.

Comment Permalink