"Danger!" - Upgrade WordPress Now! Seriously!

wordpress

#1

I know, I know! I sound like a broken record or a tecno mantra, but it needs to be said, again, that if you are running an installation of WordPress, you really do need to keep it up to date. If you don’t, the question really isn’t whether or not your site will be exploited, but rather when it will be exploited (and how much damage will be done).

It’s been about 6 months since I last wrote about this on these forums, and there have been numerous releases of WordPress during that time - and huge numbers of sites that have not been upgraded, and have been subsequently exploited,

I’m writing about it again now, because of a newish rash of exploits seen recently that have surfaced on sites running WP versions as recent as 2.6.3.

I won’t go into all of the details of the exploit here (It is all over the web, and Google is the friend of inquiring minds), but if you have an “remv.php” file in your “wp-content/themes” directory, “Congratulations, you have been had.”

One excellent resource describing this in the wild, and detailing how to rid yourself of this digital vermin, is Jason Cosper’s article titled, “WordPress, remv.php and You”. This is a good read, and is highly recommended.

There have been no confirmed reports as of yet of the WP 2.6.5 version being compromised, but there really is no reason at all not to just upgrade to the absolutely beautiful 2.7 version that has just been released.

This version has a wonderful new admin interface, and it is worth upgrading your blog for that feature alone. Oh yeah, and the fact that you really shouldn’t let your blog become a zombie you can’t control by not upgrading … just saying.

Upgrade. Please. Do it now. Seriously.

–rlparker
–DreamHost Tech Support


#2

Thanks. You are so much more efficient than the upgrade alert robot. I’ve yet to receive email telling me that a new WP version is available.

-Scott


#3

Another new interface template? Again? I just got used to the last one! I don’t like chaaaange

(The one-click upgrade is working flawlessly so far, I’ll let ya know if I manage to break it. I’m pretty good at breaking stuff.)

~
website building website building biz
my obligatory dreamhost coupon list


#4

Thanks for the reminder, Robert. It’s so easy to fall behind when you have a several sites, have work getting busy, and have the holidays all taking up your time!

Use the [color=#CC0000]3DOM50[/color] promo code for 3 extra lifetime domains and $50 off
More Dreamhost coupons here!