WordPress 2.3.3 Update
Every time WordPress sends out an update, you get a nice (and annoying) message in your administration panel. It isn’t uncommon to go a couple of weeks ignoring the alert to avoid the hassle of another upgrade; but WordPress users should bite the bullet in this case, as the update is urgent for a blog’s security.
Security Fixes in 2.3.3
Namely, there is only one security flaw fixed in WordPress 2.3.3. The problem lies within the registration system, which has been found to give some crafty hackers full access to edit posts of other registered users- including the administrator!
You are not affected by this security flaw if you have registration disabled. But the upgrade is necessary nonetheless, as the possibility of anyone having complete control of your blog is at least a little horrific.
Also in security news, the WordPress blog states that there is vulnerability in the WP-Forum plug-in. The exploit, in specifics, is the traditional SQL injection attack- where hackers are given the ability to run and execute code inside one’s databases. In the right hands this gives the hacker full control of a website or blog. It has been recommended that those with the plug-in disable it immediately, and wait for further updates from the plug-in author.
Minor Bug Fixes in 2.3.3
WordPress 2.3.3 is primarily a security fix- those who upgrade from 2.3.2 won’t notice any significant bug fixes. Because of this fact, WordPress gave users the option to download only the security update instead of the full upgrade.
Where To Download WordPress 2.3.3
To get the full upgrade, proceed to download the ZIP file at the following location:
To view the minor bug fixes you likely don’t need, proceed to the following URL:
To only install the security fix, follow the instructions given within the download file at:
To read more on the flaw with WP-Forum, proceed to the fo
more on: WordPress Hosting