photo by Scott Beale
There is a particularly nasty WordPress attack making the rounds right now which Lorelle talks about on her blog. If you are not running the latest version of WordPress (2.8.4), you should upgrade immediately. If you’re not sure if your installation of WordPress is running the latest version, you can check by logging into your Dashboard.
WordPress founder Matt Mullenweg talks about how to keep WordPress secure.
Popular blogger Robert Scoble didn’t upgrade his WordPress blog and as a result, two months of his blog posts were deleted. There is active discussion about what happened with Robert on FriendFeed and Hacker News.
Running a web hosting company, we see first hand what happens when people don’t upgrade WordPress and their blog is compromised. It is not pretty. It can take quite a while to fix the damage, and often people find out that Google considered their blog a security risk, blocking it from search.
If you’ve ignored the warnings and it’s too late, here’s information on how to recover from a compromised WordPress install.
The good news is that once you are running the latest version of WordPress you’ll be able to do one click automatic upgrades, making the process super easy.
While you are at it, check out these suggestions on how to harden WordPress to make it more secure.
NOTE: This attack only affects self-hosted installations of WordPress. Blogs on WordPress.com are automatically updated.
More Coverage: Slashdot, Mashable and TechCrunch.

FYI – I know of one individual who used the “one click upgrade” and it completely hosed his blog. Beware.
You can also use this patch http://pastebin.com/f6697b79
It’s better to actually upgrade WordPress than rely on patches.
I know but it’s a 3 day week-end, it could be a b plan
Phillipe,
Can you provide a little more info on that patch and how to utilize it? I need to upgrade a WP install but can’t do it until after the weekend and this would save my butt.
Oh god, that pic scared me. Thanks for the info!
Yeah, nothing like some zombies to help motivate a software upgrade.