Birthday Bash Giveaways | Mobile Buzz | Gadgets Buzz | Write For Us / Guest Post
« View Opera Cache Content With Opera Cache Viewer
Yahoo Messenger Adds Support To Import Contacts From FaceBook »
8
Sep

WordPress 2.6.2 Released, Mandatory Update

Keith Dsouza
WordPress Tips and Tricks Print Post Save as PDF Translate

Related Content

Comments

Save & Share

Recommend

Search Content

Top Posts

I'm Feeling Lucky

WordPress team has released a new update to the 2.6 branch which addresses issues when your blog has public registrations open.

If you allow open registration on your blog, you should definitely upgrade.  With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password.  The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit.  However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.

This definitely looks a problem good enough to upgrade your WordPress right away, The exploit is not yet known and it is advised that you upgrade before the finder of the exploit makes the findings known to general public.

We have already updated to the latest version, since we have public registration open using WPAU, if you want to upgrade to WordPress easily, try this Google search and you will find what we are talking about

Download WordPress 2.6.2

Browse Related Articles




Bookmark/Add Subscribe

Did not find what you were looking for? Try searching for what you were looking for.


Tags: , ,

2 Responses so far | Share Your Opinions!

  1. Ann Arbor Web Design
    September 9th, 2008 at 11:45 am #

    Thanks for that timely reminder about wordpress’s 2.6.2 update I keep meaning to get around to it.

Trackbacks

  1. Another Wordpress Release: Version 2.6.2 | afewgoodpens.com

Leave a Comment

Note: We discourage users from using keywords in their names while posting comments, most of them get caught by spam, also it really would be more fruitful in knowing people who comment by their real name, rather than by using a name no one relates to. In future we reserve the right to delete comments from users using a name other than their own.

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



Subscribe Get Regular Updates From Techie Buzz
Twitter: @keithdsouza | @techiebuzzer