WordPress Blog Upgrade Released

November 26, 2008

Good Housekeeping:  Upgrade Your WordPress Blog

For fans of the WordPress blogging platform, it’s time to upgrade again. Version 2.6.5 of this popular content management system (CMS) was released late last night. The previous legitimate version was 2.6.3, with version 2.6.4 being a notorious hack. You can get your shiny new download at WordPress.org.

WordPress 2.6.5 fixes one security issue and three bugs. The security issue, an XSS exploit, affects IP-based virtual servers running on Apache 2.x. If you only want the security fix, all you have to do is upload wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release to your server. While copying over two files is a quick fix, the problem is that hackers and bots look for outdated versions of WordPress, and your copy of WordPress will still be shown as the old version 2.6.3 in your blog’s source code.

We’ve recently been upgrading numerous blogs from v 2.0+ to the present version of WordPress. We were secretly pleased when one client told us that she’d wanted to move her WordPress version 2.0+ blog to Network Solutions (NSOL) hosting, but that NSOL had turned her down. This was smart on NSOL’s part: It eliminated hosting of known highly exploitable coide. We only wish more hosting companies would crack down on users running obsolete code on their blogs and websites.

Read about the hacked version of WordPress, which you definitely don’t want.

Copyright ©2008 pajamadeen.com

« Previous PageNext Page »