Wordpress 2.1.1 may contain nasty surprise

Posted Mar 2nd 2007 7:45PM by Dan Lurie
Filed under: Internet, Security, Blogging, Web services, Open Source

Breaking news on the internets right now as Matt over at WordPress is reporting some serious issues with packages of WordPress 2.1.1 downloaded over the past 3-4 days. According to a blog post, a malicious intruder gained access to the wordpress.org servers and modified the files being made available for download. How exactly this happened is still unknown.

The long-and-short of the situation is this: if you downloaded and installed the most recent version of WordPress from wordpress.org in the last few days, you weren't downloading the official release– you were downloading a modified version that likely includes some sort of back-door.

Although only a subset of in-the-wild copies of 2.1.1 contain the vulnerability, the development team has declared the entire release "dangerous," and highly suggest all users upgrade to 2.1.2.

View Posts By

Categories

Audio (830)

Beta (325)

Blogging (686)

Browsers (19)

Business (1361)

Design (803)

Developer (926)

E-mail (511)

Finance (127)

Fun (1734)

Games (545)

Internet (4754)

Kids (129)

Office (491)

OS Updates (574)

P2P (175)

Photo (458)

Podcasting (167)

Productivity (1298)

Search (246)

Security (533)

Social Software (1085)

Text (436)

Troubleshooting (51)

Utilities (1901)

Video (1010)

VoIP (138)

web 2.0 (729)

Web services (3311)

Companies

Adobe (183)

AOL (48)

Apache Foundation (1)

Apple (466)

Canonical (35)

Google (1296)

IBM (28)

Microsoft (1304)

Mozilla (455)

Novell (19)

OpenOffice.org (43)

PalmSource (11)

Red Hat (17)

Symantec (14)

Yahoo! (350)

License

Commercial (667)

Shareware (194)

Freeware (1946)

Open Source (897)

Misc

Podcasts (13)

Features (380)

Hardware (167)

News (1107)

Holiday Gift Guide (15)

Platforms

Windows (3577)

Windows Mobile (421)

BlackBerry (44)

Macintosh (2050)

iPhone (82)

Linux (1571)

Unix (78)

Palm (177)

Symbian (121)

Columns

Ask DLS (10)

Analysis (24)

Browser Tips (293)

DLS Podcast (5)

Googleholic (195)

How-Tos (97)

DLS Interviews (19)

Design Tips (14)

Mobile Minute (125)

Mods (68)

Time-Wasters (374)

Weekend Review (38)

Imaging Tips (32)

RESOURCES

• Send us news tips
• Contact Us
• Advertise
• Corrections?
• Problems?

RSS NEWSFEEDS

• 
• Feeds by category

Sponsored Links

Advertise with Download Squad

Most Commented On (60 days)

• Mozilla Firefox breaks non-existent world record - nobody cares (50)
• FormatFactory Kicks Media Conversion Ass and Takes Names (26)
• Windows XP goes bye bye (23)
• Trillian turns 8, no Astra beta birthday gift quite yet (15)
• We heart movies and so do you, let's heart them together (13)
• Ubuntu 8.10 alpha 1 packs a new theme (finally) (12)
• Expect more and better Last.FM apps, thanks to a new API (10)
• Windows Steady State Bulletproofs Your System (9)
• Noise of the white variety, right on the webernets (8)
• The ancient art of paper folding with a modern twist (8)

Recent Comments

• Mysterius on Opera partners with Ask.com
• Kiran on The power of PowerPoint in a flash movie
• uhh on Opera partners with Ask.com
• edward on Truecrypt Updates to v6, Hides Your Subversive Plots Even Better!
• Asa Dotzler on Opera partners with Ask.com
• Asa Dotzler on Opera partners with Ask.com
• Wil on KOffice comes to Windows: A brief loook at KOffice 2.0 Alpha 8
• edward on FormatFactory Kicks Media Conversion Ass and Takes Names
• Mark on Undelete Plus Offers Free, Fast File Recovery
• Riley on FormatFactory Kicks Media Conversion Ass and Takes Names

Urlesque Headlines

• Wide Wurld of Urlesque: Blow Things Up!
• God Bless the Cyber-USA
• Beat the Heat, Watch Free Patriotic Movies Online
• Did You Mean Digg?
• Celebrity Websites 1.0

BloggingStocks Tech Coverage

• AAPL Apple Inc
• ADBE Adobe Systems
• AKAM Akamai Technologies
• AMZN Amazon
• CSCO Cisco Systems
• DELL Dell
• EBAY eBay
• GOOG Google
• INTC Intel
• INTU Intuit Inc
• JAVA Sun Microsystems
• MOT Motorola
• MSFT Microsoft
• NOK Nokia Corp
• ORCL Oracle Corp
• PALM Palm Inc
• RHT Red Hat Inc
• RIMM Research in Motion
• SYMC Symantec Corp
• TWX AOL Time Warner
• YHOO Yahoo!

More from AOL Money and Finance

• Auto Loans
• Banking
• Checking Account
• Credit Cards
• Credit Reports
• Debt Management
• Identity Theft
• Insurance
• Loans
• Money
• Mortgages
• Online Tax Filing
• Personal Loans
• Refinancing
• Retirement
• Savings Account
• Small Business
• Stock Charts
• Stock Quotes
• Stock Screener

More Tech Coverage

• Control Shift It's all about the experience
• Somewhat Frank Perspectives on tech as it fuses in everyday life
• Switched Gadgets, web news and commentary
• Urlesque Exposing bits of the web

Weblogs, Inc. Network

• Autos
  • Autoblog
  • AutoblogGreen
  • Autoblog Spanish
  • Autoblog Chinese
  • Autoblog Simplified Chinese
• Technology
  • Download Squad
  • Engadget
  • Engadget HD
  • Engadget Mobile
  • Engadget Chinese
  • Engadget Simplified Chinese
  • Engadget Japanese
  • Engadget Spanish
  • Engadget Polska
  • Switched
  • TUAW (Apple)
• Lifestyle
  • AisleDash
  • DIY Life
  • Gadling
  • Green Daily
  • Luxist
  • ParentDish
  • Slashfood
  • Styledash
  • That's Fit
• Gaming
  • Joystiq
  • DS Fanboy
  • Massively
  • Nintendo Wii Fanboy
  • PS3 Fanboy
  • PSP Fanboy
  • WoW Insider
  • Xbox 360 Fanboy
  • Big Download
• Entertainment
  • Cinematical
  • TV Squad
• Finance
  • BloggingBuyouts
  • BloggingStocks
  • WalletPop
• Sports
  • FanHouse Main
  • NFL
  • NBA
  • MLB
  • NCAA Football
  • NCAA Basketball
  • NASCAR
  • NHL
  • Golf
  • Fantasy Football
• Also on AOL
  • African-American Culture
  • Cars
  • Games
  • Maps
  • Money
  • Movies
  • Music
  • News
  • Radio
  • Sports
  • Television
  Travel

All contents copyright © 2003-2008, Weblogs, Inc. All rights reserved

Download Squad is a member of the Weblogs, Inc. Network. Privacy Policy, Terms of Service, Notify AOL