|
Wordpress 2.1.1 Release Compromised by Cracker |
Thousands of servers running the Wordpress blogging software are at tremendous risk after it was revealed that a cracker had gained control of one of the Wordpress download servers and modified the software's source code.
The hack was done shortly after the new version 2.1.1 was released, and was undetected for several days.
Potentially thousands of people who upgraded to the latest 'security release' version of Wordpress have unintentionally installed what amounts to a trojan horse on their web server.
Matt Mullenweg, founding developer of Wordpress, was alarmed to discover "unusual and highly exploitable" code in version 2.1.1 of the software.
"If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately."
Wordpress is among the most popular blogging packages, used to publish tens of thousands of blogs worldwide.
Read more at: . |