A worm against Wordpress

On September 5th Matt published a post about a dangerous worm which is “making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts“.

It seems to be particularly dangerous, mainly because an alteration of the permalink structure and the insertion of spam links is one of the worst activities for search engines positioning.

Anyway the current Wordpress version (2.8.4) is immune to the worm. It’s a good reason to update as soon as possible to the last version. Another good tip from Matt is to set a very complex access password to the blog administration.

Tags: admin, javascript, matt, worm

This entry was posted on Friday, September 11th, 2009 at 6:24 pm and is filed under Development. You can follow any responses to this entry through the RSS 2.0 feed.