[webarch-wp] WordPress critical security releases
Chris Croome
chris at webarchitects.co.uk
Thu Nov 20 21:03:44 GMT 2014
Hi
If you are running a supported version of WordPress it should
automatically update to a secure version, but please check or ask us to
if you are unsure:
WordPress 4.0.1 is now available. This is a critical security release
for all previous versions and we strongly encourage you to update your
sites immediately.
Sites that support automatic background updates will be updated to
WordPress 4.0.1 within the next few hours. If you are still on
WordPress 3.9.2, 3.8.4, or 3.7.4, you will be updated to 3.9.3, 3.8.5,
or 3.7.5 to keep everything secure. (We don’t support older versions,
so please update to 4.0.1 for the latest and greatest.)
WordPress versions 3.9.2 and earlier are affected by a critical
cross-site scripting vulnerability, which could enable anonymous users
to compromise a site.
https://wordpress.org/news/2014/11/wordpress-4-0-1/
Also please see the last email to this list regarding brute force
attacks, we are still seeing a lot of these running against WordPress
sites on our shared servers:
https://lists.webarch.co.uk/pipermail/webarch-wp/2014-November/000002.html
All the best
Chris
--
Webarchitects Co-operative
http://webarchitects.coop/
+44 114 276 9709
@webarchcoop
More information about the webarch-wp
mailing list