Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

New WordPress update a must for users

Posted on 23 April 2012.

A new stable version of the popular free open source blogging tool WordPress is available for download, and users are advised to do get a move on and install it, as it's a security update for all previous versions.

Among the external libraries used by WordPress that have also received security updates are Plupload and SWFUpload (for uploading media), and SWFObject (for embedding Flash content).

A number of additional security vulnerabilities have been addressed in WordPress 3.3.2:

a limited privilege escalation that allowed site administrators to deactivate network-wide plugins when running a WordPress network under particular circumstances,
a XSS vulnerability that was possible to exploit when making URLs clickable, and
several other XSS flaws that affected the handling of post-comment redirects and URL filtering.

Current users can download the update from the Dashboard -> Updates menu in their site’s admin area.