WordPress 2.8.5 Has An Enhanced Security System
Even the upcoming candidate for the most popular blogging platform WordPress should have the version number 2.9, a new release from the 2.8 branch is available: WordPress 2.8.5. It represents a security update, which should be treated as a priority by WordPress blog owners, because WordPress version 2.8.5 provides a fix for the Trackback Denial-of-Service attack, a recent severe security exploit, identified for several numbers of times.
In a post published on the official WordPress Blog, Peter Westwood explains the importance of WordPress 2.8.5 version:
“As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch so as to get these improvements out there and make all your sites as secure as possible.”
Besides the Trackback Denial-of-Service attack fix, WordPress version 2.8.5 shows the following main changes:
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
In order to ensure the maximum level of your WordPress website, you can also run WordPress Exploit Scanner plugin. It will analyze files, posts and comments tables of your database in order to decide if you have cleaned the traces of the exploit.
WordPress version 2.8.5 is available for free download from Wordpress.org website.
Related Articles
