We usually don’t post much about WordPress but we have a whole category related to Blogging where we can sometime review interesting plugins and news. Today’s news comes as a warning to all self-hosted WordPress users. If your WordPress is not updated to the latest version 2.8.4 then you are under risk…..huge risk.
There is a new worm spreading fast that can install malware and spam in your posts published on a self-hosted WordPress blog(yes, even WordPress can be infected). Once installed, all your information becomes available to hackers. This warning unlike other previous warnings comes directly from Matt Mullengen, founder of WordPress, because….ummm…its tough to catch.
The vulnerability that allowed the attack was fixed earlier in mid August by WordPress and they encouraged users to upgrade to latest version 2.8.4, but most users have still not upgraded.
Those who haven’t upgraded yet, there is a good news for them. The worm is spreading quite fast and there is a chance…huge chance….that your blog might get infected. So either rejoice or use common sense! (Sorry for being sarcastic here).
Moral: When WordPress tells you to upgrade, then upgrade without question. They have a reason to tell users that they need to upgrade. If you think the guys over at WordPress are a bunch of apes, then you can ignore their advice otherwise follow it immediately.
If you think your site was hacked, WordPress has a whole FAQ there to help you. Enjoy!