Newsletter

Get my very best Tips, Exclusive Promotions, Reports and Mailings!
Sign up and get a free copy of my eBook The Affiliate's Start Guide, learn how to create a website and start making money online!

Most Popular Articles

    None found

Subscribe

RSS

TwitterCounter for @bomega

WordPress 2.6.2 Upgrade – Important Security Upgrade

September 9th, 2008

Written by Mr Javo

Another upgrade of WordPress has released today and this time it’s about a security hole. This upgrade is specially for the persons who allow open registrations on their blogs. If it’s your case, you should update your WordPress to the latest version as soon as possible. Here is the note:

If you allow open registration on your blog, you should definitely upgrade. With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password. The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password. Stefan Esser will release details of the complete attack shortly. The attack is difficult to accomplish, but its mere possibility means we recommend upgrading to 2.6.2.

Anyways, I recommend you to upgrade to the latest version, and I would like to take advantage of this post to recommend you the WordPress Automatic Upgrade Plugin, which you can upgrade your wordpress with simple clicks.

 

So once upgraded, feel safe to register on this blog, remember that good features are coming!

 

If you enjoyed this post, consider subscribing to my RSS feed.

Wordpress


RSS feed | Trackback URI


6 Responses to “WordPress 2.6.2 Upgrade – Important Security Upgrade”

Comment by what about blog | 10 Sep 2008 at 11:36

Everyone that uses WordPress should download that plugin. Makes things so much easier.

 
Comment by Dennis Edell Subscribed to comments via email | 11 Sep 2008 at 12:06

Thanks for the plugin buddy, should help when I actually upgrade sometime :-)

Dennis Edells last blog post..Merging Blogs: Internet and Offline Markeing Together. I’d Like Your Thoughts.

 
Comment by Dennis Edell Subscribed to comments via email | 11 Sep 2008 at 12:08

Weird commentluv issue…Merging Blogs is not my latest post :shock:

Dennis Edells last blog post..Merging Blogs: Internet and Offline Markeing Together. I’d Like Your Thoughts.

 
Comment by Mike | 12 Sep 2008 at 03:47

Thanks for the plugin Javo,

Mike

 
Comment by Norhafidz | 12 Sep 2008 at 17:07

wordpress is upgrading fast, I’m tired of upgrading them already, grateful you give the link for the plugin, will try it soon :grin:

 
Comment by Abdul | 15 Sep 2008 at 08:43

Hey, I was also thinking of getting that plugin, it is pretty slick!

Abduls last blog post..Follow or NoFollow? – Where the Difference Lies

 
CommentLuv Enabled

Trackback responses to this post

  • I'm Happy. Are You?
  • Highest Affiliate Referral Commission
  • Tips and tricks for bloggers
  • Advertise Here
© 2008. All Rights Reserved. Mr Javo dot Com is proudly Powered By WordPress | Blog design by Mr Javo