Wordpress 2.8.5 Security Update is out!

Wordpress.org has released their latest security update. Wordpress 2.8.5 is out now!

Over the past few months Wordpress.org has worked hard towards securing their popular blogging platform. In the process they managed to close some serious security loopholes in Wordpress 2.8.4. Now they have released another security update to their popular blogging platform in the form of Wordpress 2.8.5.

They have identified a number of security hardening changes which they say were back-porting to 2.8 branch and they are suggesting that all bloggers and websites using wordpress 2.8.4 must now upgrade to wordpress 2.8.5 and make all your sites as secure as possible.

The important changes in this release are:

• A fix for the Trackback Denial-of-Service attack that is currently being seen.
• Removal of areas within the code where php code in variables was evaluated.
• Switched the file upload functionality to be whitelisted for all users including Admins.
• Retiring of the two importers of Tag data from old plugins.

Also Peter at Wordpress.org made a wise suggestion at the release:

He suggests If you think your site may have been hit by one of the recent exploits and you would like to make sure that you have cleared out all traces of the exploit then we would recommend that you take a look at the WordPress Exploit Scanner.

Wordpress Exploit Scanner is a plugin which searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.  You can download this plugin here – “WordPress Exploit Scanner”

We suggest that everyone ugprades to the latest version; Wordpress 2.8.5 to ensure you have the best protection available for your blog.

Read more about the latest Wordpress security release and download wordpress 2.8.5, click here!

[Source: Wordpress.org]