WordPress under attack, Upgrade to WordPress 2.8.4

by ZK on September 9, 2009

The WordPress Team has confirmed that right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, registers a user and users a security bug to allow a code to be executed through the permalink structure and automatically makes itself the admin of the blog. The worm then uses java script to hide itself when you look at the users page, attempts to clean up the damage and leaves unnoticed as if nothing ever happen while it inserts hidden spam and malware into your posts.

This sounds scary and I am not trying to scare you here, but the fact is that if you are using any other WordPress version other than the latest version 2.8.4, the above could happen to your blog.

The WordPress Team spends a lot of time and effort on fixing bugs to ensure your blog is not hacked, I recommend you to immediately update to the latest WordPress version 2.8.4 to avoid any hacks or bugs. It just takes one click to update to the new version automatically.

Download the latest WordPress Version 2.8.4

Tagged as: Wordpress, wordpress 2.8.4, wordpress latest version

Article by ZK

ZK has written 380 awesome articles for this blog.

If you like This post, you can follow WebTrafficROI on Twitter.

Subscribe to WebTrafficROI feed via RSS or EMAIL to receive instant updates.

WebTrafficROI runs on the Thesis Theme for WordPress

Thesis is the search engine optimized WordPress theme of choice for serious online publishers. If you’re a blogger like me who does not understand any code or technical elements, Thesis will give you a ton of functionality without having to alter any code. For the advanced, Thesis has incredible customization possibilities via Thesis hooks.

With so many design options, you can use the template over and over and never have it look like the same site. The theme is robust and very flexible, the Thesis Theme helps WebTrafficROI to run far more efficiently than ever before.

Limited Offer: Get $477 worth of Bonuses with the Thesis Theme

{ 41 comments… read them below or add one }

Mathew Day September 9, 2009 at 9:17 pm

Wow, that is a little scary. Thanks for the heads up and will definitely upgrade now to the latest version of WP, thanks to you!
Mathew Day´s last blog ..How to Make Money with Clickbank Affiliate Program (Part 1 of 2)

Paul@earn money online September 10, 2009 at 2:20 am

I have alrady seen this post on Balkshi.
Paul@earn money online´s last blog ..Make money with Blogitive

Web Developer September 10, 2009 at 9:06 am: Its important that you upgrade it to the latest version
Web Developer´s last blog ..Wordpress under attack, Upgrade to Wordpress 2.8.4

Reply

Used mack trucks September 10, 2009 at 3:16 am

Yeah .. recently I am as well gone through this news.. If this is actual.. then it MUST have to fix asap.. else it will corrupt the whole systems..

Web Developer September 10, 2009 at 9:13 am

I ve updated it ….thanks ZK
Web Developer´s last blog ..Microsoft named Offensive Ad as Marketing Mistake

Seaward September 10, 2009 at 10:17 am

Sounds really bad, going to update my blog right now…
Seaward´s last blog ..How to Get Rid of Back Acne

paul September 10, 2009 at 1:56 pm: I am updating right now!
paul´s last blog ..August Top Commentators

Reply

game-girl September 10, 2009 at 10:18 am

Do they give you details anywhere on how to exactly hack? Hehe…..feeling a bit evil
game-girl´s last blog ..How to Get Rid of Back Acne

Ste@free PS3 September 10, 2009 at 1:24 pm

Wow, I’ve noticed some strange behaviour on my blog lately. This must be the reason, thanks!
Ste@free PS3´s last blog ..How To Get a Free PS3

paul September 10, 2009 at 1:57 pm: What kind of behavior?

Reply

earn money writing September 10, 2009 at 1:53 pm

thanks for sharing

paul September 10, 2009 at 1:56 pm: yes, thank you.

Reply

Chuggin@bunn coffee maker parts September 10, 2009 at 3:39 pm

That is scary! Thanks for the heads up on updating my Wordpress because I definitely do not want to get my blog hacked. I deal with spam enough as it is, so hacking would be devastating.

Bubba Moe September 10, 2009 at 8:53 pm

I am as well gone through this news.. If this is actual.. then it MUST have to fix asap.. else it will corrupt the whole systems..

Bubba Moe September 10, 2009 at 8:53 pm

Do they give you details anywhere on how to exactly hack? Hehe…..feeling

Mike Standing@Web Pop Site September 11, 2009 at 5:14 pm

You are quite right. As soon as you log onto the blog, especially the older versions you would notice the recent update suggestion box and phrase.

The great thing about Wordpress is that the developing team is always working on providing more secure blogging environments powered by easy updates.
Mike Standing@Web Pop Site´s last blog ..Using The Animation making Applications Sometimes

travel guide September 12, 2009 at 5:20 am

well, I’m scared now. This is very dangerous
travel guide´s last blog ..Travel places in Japan

Video September 12, 2009 at 6:58 am

Fortunely I’ve already upgrade to 2.8.4
Video´s last blog ..Islam’s View On Suicide Bombings

Essay September 12, 2009 at 9:02 am

My experience is very bad with Wordpress upgrade. I always ended up with some kind php error.

Bidet September 12, 2009 at 12:34 pm

Wow that is scary, thanks for the heads up. I wouldnt want that to happen to anyones blog.

wordpress hosting September 12, 2009 at 4:33 pm

I heard about this worm, I just upgraded my wordpress after reading this article, thank you so much for posting.

Pett September 12, 2009 at 4:40 pm

Everything dynamic and very positively!
Pett

Sell House Fast September 14, 2009 at 12:48 am

Thanks for sharing about latest update!

DotComSecrets Review September 14, 2009 at 5:14 am

I had seen same post some where. I don’t remember where i see. But thanks for this nice update.
DotComSecrets Review´s last blog ..Frank Kern’s Mass Control 2.0 Review

Lee Ka Hoong September 14, 2009 at 7:35 pm

Hey ZK, thanks for telling me about this and I didn’t notice what was the problem happened on my blog last 2 weeks! 2 weeks ago, my blog’s permalink structure became messy and all the blog post can’t be access, then I checked and noticed that my permalink structure had been changed, so I edited it and it was back to normal.

Seems that I really need to upgrade to WP2.8.4 already.

Regards,
Lee
Lee Ka Hoong´s last blog ..No More PageRank Sculpting!

Lee Ka Hoong September 16, 2009 at 8:31 am: ZK, I wonder is there any tutorial that teaches how to upgrade to WP2.8.4 manually? I’ve yet to find the tutorial because I remembered that there was a tutorial when I upgraded to WP2.7.

Regards,
Lee

Reply

Kit Homes September 14, 2009 at 10:15 pm

Thanks for the heads up on updating my Wordpress because I definitely do not want to get my blog hacked. I deal with spam enough as it is, so hacking would be devastating.

web design September 15, 2009 at 4:06 am

Well I always recommend to update your blogs even if there is no such threat. Because with the updates you keep yourself updates and also this carry positive impression in the eyes of your visitors or clients.

So keep update the latest version.
web design´s last blog ..Submit Your Link Url Today

kitchen taps September 15, 2009 at 5:46 am

This is really nice update of wordpress, I am going to upgrade 2.8.4

jim@Webinar providers September 15, 2009 at 7:46 am

this is great to read .i already updated it.i just love word press.

Sharmaine | Brochure Printing September 15, 2009 at 6:52 pm

Sounds like Wordpress is having problems lately. First with the formatting, linking and now it was under attack.

Jacques @ Web Design September 16, 2009 at 4:40 am

Go figure that WordPress will be targeted by hackers and spammers, seeing that it is such a popular platform. Kudos to the WordPress team for being so quick to identify and solve issues like this with updates.

Lee Ka Hoong September 17, 2009 at 1:34 am

I’ve upgraded to V2.8.4 without any problem, I was happy that I didn’t face any problem while upgrading yesterday. So my blog is safe now!

Regards,
Lee

DotComSecrets Review September 17, 2009 at 2:31 am

Wordpress’s new version is very nice. Its much better than last one.
DotComSecrets Review´s last blog ..Frank Kern’s Mass Control 2.0 Review

Volksphone September 17, 2009 at 5:47 pm

Thanks for this introduction it seems the international bloggers have to fight more attacks as the german blogs. In germany the attacks are not so massive like in us. But i will update it immediately.

best regards and thx
Volksphone!
Volksphone´s last blog ..Usability-Schnelltest für die eigene Firmenwebsite

game-girl September 18, 2009 at 12:28 am

The progress is evident.
game-girl´s last blog ..Создатель фильма Гладиатор снимет фильм о вампирах

Bubba Moe September 20, 2009 at 10:02 pm

Thanks for the heads up on updating my Wordpress because I definitely do not want to get my blog hacked. I deal with spam enough as it is, so hacking would be devastating.

Kit Homes September 20, 2009 at 10:08 pm

Hey??
Kit Homes´s last blog ..Are there any Exclusions?

Kit Homes September 20, 2009 at 10:12 pm

I’ve noticed some strange behaviour on my blog lately. This must be the reason, thanks!

mike@easy payday loans September 21, 2009 at 3:59 pm

This is one of the reasons I am considering using another blogging platform. There is always a need to upgrade and once you do half your plugins no longer work or your theme gets screwed. It gets kind of annoying!!

Free Proxy - SoftSurf.info September 22, 2009 at 10:37 am