Blog Software Update: Urgent WordPress Update

Writing by Brick Marketing on Sunday, 10 of February , 2008 at 6:32 am

There is a new WordPress blog software update available that closes a potential security problem. To quote the WordPress.org release note:

[source]WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

The release also advises the removal of WP-Forum plugin as that also has a security problem that is being exploited.

If you do not have registration activated then may not need this blog software update. If you do have registration enabled then consider seriously whether or not you need it. If you don’t then disable it. If you do require it then you will need the update.

If you have been installing all the WordPress blog software updates then you will only need to replace the xmlrpc.php file as advised. Otherwise you will need to do the full update.

As I understand the current situation, there will not be a 2.4 upgrade. WordPress will go straight to 2.5 for its next major blog software upgrade.

Blog and Website Design & Website Development Price Quotes – Compare and Save!


Category: Blog Software

No Comments

No comments yet.

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Blog Marketing Journal


Blog Marketing Journal is a Blog that discusses How to Build, Write Market and Promote a Business Blog for the new and advanced reader.
Learn more about this blog.