WordPress Security Warning
WordPress developers have warned users their popular CMS is under attack from a ‘clever’ worm that automatically compromises unpatched versions of the WordPress system. The particularly nasty bug crawls the web for vulnerable WordPress installations, installing malware, deleting content, and generally wreaking havoc wherever it can on unpatched installations.
WordPress founder Matt Mullenweg eloquently implored WordPress bloggers to update more frequently. Originally, updating the WordPress system was a rather laborious process. However, newer versions offer fast and simple one-click upgrades. The two most recent versions of WordPress (2.8.3 and 2.8.4) cannot be attacked by the worm discovered this week, and blogs hosted at WordPress.com are also apparently immune.
Moral of the story, update and update often!