Matt Mullenweg( wordpress creator), says:
"Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts."
Here is the full article:http://www.podcastingnews.com/2009/09/05/the-wordpress-fix-wordpress-doesnt-want-you-to-know-about/
I happen to agree with many who have commented that this 'fix' in not really a fix at all.
When Wordpress was started, it was just about the only good game in town. Now I see other programs giving it a run for it's money. Although I really like Wordpress, and think it has a lot to offer( great support, plugins, and just plain ole great people), Wordpress needs to up it's security and really make it harder for hackers to hack, or it may just lose it's "King of the Hill" status.
Did this worm get others who follow your blog? Is this a case for reformat, reimage and reboot, like Jeremy's rules? Is it possible for you to see the javascript that hides the worm?
ReplyDeleteI am not sure who else got it from me. It was injected into a comment and took a while to find. I have redone everything, but I think the harm was done before I ( or should I say Dave) caught it.
ReplyDelete