Filed under: Security, Blogging
WordPress releases urgent security update
WordPress users might have noticed an upgrade notification in their Dashboard's today. This version, dubbed WordPress 2.3.3, has been released as an urgent security update.The problem? Well for blogs with registration enabled, a hole in the XML-RPC implementation was found that could allow a user to edit the posts of other users on that blog.
The WordPress team has two update solutions. If you just want to update the xmlrpc.php file, you can download it here and import it directly to your main WordPress directory (overwriting the file that is in its place now). If you want the full 2.3.3 update, which includes a few minor bug fixes in addition to the XML-RPC exploit, download it here and follow the usual upgrade protocol.
Additionally, if you use the WP-Forum plugin, be aware that it is being actively exploited as a target for SQL injections. Please disable and delete the plugin until a fix is released.
Get a WordPress.com Blog
With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet.
They key to getting good at Graveyard Shift is learning to use ...
Reader Comments (Page 1 of 1)
Robert H said 7:18PM on 2-05-2008
*phew* I thought I might have been abducted by aliens and started posting ads for online poker in my blog. Glad to know it was just a bug that they have fixed :)
Reply