Aurstad Web Consulting » Updates http://aurstad.org With Experience in Web Development, Marketing and Online Business. Providing his Knowledge as a Consultant to Clients World-Wide for the Past 8 YEARS and Counting... Mon, 07 Sep 2009 18:25:10 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Update: WordPress 2.8.4 Security Release http://aurstad.org/updates/update-wordpress-2-8-4-security-release/ http://aurstad.org/updates/update-wordpress-2-8-4-security-release/#comments Wed, 12 Aug 2009 05:16:54 +0000 Haavard Aurstad http://aurstad.org/?p=154 New WordPress 2.8.4 security release. A new vulnerability was discovered yesterday by the WordPress team. As usual, like any other security release, its highly recommended that you upgrade your older WordPress version.

From the WordPress Team this morning:

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress.

Make sure you update your WordPress to the latest version by simply using the Automatic Update from your WordPress admin or manually download WordPress 2.8.4.

]]> http://aurstad.org/updates/update-wordpress-2-8-4-security-release/feed/ 0 Update: WordPress 2.8.3 Security Release http://aurstad.org/updates/update-wordpress-2-8-3-security-release/ http://aurstad.org/updates/update-wordpress-2-8-3-security-release/#comments Tue, 04 Aug 2009 05:38:10 +0000 Haavard Aurstad http://aurstad.org/?p=84 A new WordPress 2.8.3 security update! It’s not that long ago since we had a security path released, but here it is, although it came a little surprising to me.

As for what this security path is all about, this is what the WordPress Team had to say:

Unfortunately, I missed some places when fixing the privilege escalation issues for 2.8.1.  Luckily, the entire WordPress community has our backs.  Several folks in the community dug deeper and discovered areas that were overlooked.  With their help, the remaining issues are fixed in 2.8.3.  Since this is a security release, upgrading is highly recommended.  Download 2.8.3, or upgrade automatically from your admin.

So make sure you update your WordPress to the latest version by simply using the Automatic Update from your WordPress admin or manually download WordPress 2.8.3 from here

]]> http://aurstad.org/updates/update-wordpress-2-8-3-security-release/feed/ 0