WordPress 2.6.2 Has Just Been Released

WordPress version 2.6.2 has just been released. According to WordPress, version 2.6.2 protects against a certain kind of hack that resets your password, and it also includes other minor bug fixes.

The hack is triggered when someone who registers on your website crafts a username in such a way that it resets another user’s password to a random password. The attacker can then take advantage of a weakness in mt_rand() to guess the randomly generated password, log in as that user, and wreak havoc.
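To show why a password built from mt_rand() output can be guessed at all, here is an added example (not from the original post and not WordPress's own code) that puts a seeded mt_rand() generator beside a hardened one using random_int(). It shows a general property of seeded, non-cryptographic generators rather than the exact flaw fixed in 2.6.2; the function names and the seed value are hypothetical.

```php
<?php
// Added illustration only. weak_reset_password() and strong_reset_password()
// are hypothetical names, not WordPress functions.

const ALPHABET = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

// Weak form: every character comes from mt_rand(), so the whole password
// is a deterministic function of the generator's seed.
function weak_reset_password(int $seed, int $length = 12): string
{
    mt_srand($seed); // seeded explicitly here to make the determinism visible
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= ALPHABET[mt_rand(0, strlen(ALPHABET) - 1)];
    }
    return $out;
}

// Hardened form: random_int() draws from the operating system's CSPRNG,
// so there is no seed or generator state for anyone to reconstruct.
function strong_reset_password(int $length = 12): string
{
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= ALPHABET[random_int(0, strlen(ALPHABET) - 1)];
    }
    return $out;
}

$seed = 20080908; // constructed sample seed
$first  = weak_reset_password($seed);
$second = weak_reset_password($seed);

// Identical seeds give identical "random" passwords.
echo "weak, run 1: $first\n";
echo "weak, run 2: $second\n";
echo 'repeatable:  ', var_export($first === $second, true), "\n";

// The seed is used as a 32-bit value, so the weak generator can only ever
// emit 2^32 distinct passwords, however long the password is.
printf("12-char strings: %.2e, reachable from a seed: %.2e\n", 62 ** 12, 2 ** 32);

echo 'strong:      ', strong_reset_password(), "\n";
```

The practical check for site owners is the same one the post gives: any code path that issues passwords or reset keys should use a cryptographically secure source, and upgrading is how WordPress users get that fix.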

I recommend everyone who has open registrations enabled on their blog to upgrade to WordPress 2.6.2 straight away, while upgrading is not so urgent for those like me who have not enabled open registrations on their blog.

Now I just have to wait till after my exams, when I have time to be able to properly upgrade my blog. Upgrading WordPress is one of the things I fear the most; a lot of things have gone wrong whenever I tried to upgrade WordPress in the past :P.

Posted in Blogging, Wordpress | Written by admin