WordPress 2.8.5 “Hardening Release” is released now. WordPress recommends every site to upgrade to the latest version. According to the WordPress Blog,
We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch so as to get these improvements out there and make all your sites as secure as possible.
The important changes and fixes that are done in this release are as follows:
- Fix for the Trackback Denial-of-Service attack that is being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
WordPress Blog recommends all sites to upgrade to this new version of WordPress to make sure the best available protection.
WordPress also recommends to use the WordPress Exploit Scanner, if you think your site may have been hit by one of the recent exploits and you would like to make sure that you have cleared out all traces of the exploit. This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames. You can read more about this plugin here.
About Mezanul
Saw this update Yesterday and the first thing which I did
was Backup my Db and updated the wordpress. Though wordpress are releasing very quick update..
Yes Harsh, I too think that the updates are dropping very quick. But the good thing is, this shows that the WordPress community is very active and are taking steps in making WordPress more and more secure, which is very important.
What do you say?