WordPress team has released WordPress 2.8.5 today as a hardening release to make WordPress extra secure. Because the update improves your site security, it is recommended that you upgrade as soon as possible.
The headline changes in this release are:
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
If you think your blog was a victim of one of the recent exploits, WordPress recommends you to use WordPress Exploit Scanner to make sure that all traces of the exploit has been cleared.
Upgrade now, and make sure that you follow the Ultimate Guide to Upgrade WordPress.
Shinzies
@V,C making such statement is so wrong, doing some quick search i found that you are hosting i guess your website with xlhost. So of course it would not bother you if someones hardware is being abused. However people who run their own small blogs or websites should indeed upgrade to 2.8.5.
Being an Editor of the site with Admin account is one thing.
However being an system or network Admin is the other one.
You yourself is nothing more than a reactive type of admin.. Fixing B.S after your stuff gets compromised..
True security is done through proactive security, making sure that you test and then implement patches..
Your choice!
However do not make such trolling statements..
Harsh Agrawal
Saw this update Yesterday and the first thing which I did
was Backup my Db and updated the wordpress. Though wordpress are releasing very quick update..
V,C
I don’t understand why they released the new version so quickly after the last update 2 months ago.
I don’t see any changing in this new version. It’s not really necessary to upgrade.