All the latest UK technology news, reviews and analysis
|
|
|
06 Sep 2009
Blogging software firm WordPress has warned of a worm spreading among users by exploiting an old security vulnerability.
The company said that the worm has been identified only because of flaws in its design.
"This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at the user's page," warned the company in a blog post.
"It then attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts."
However, the worm's design means that it breaks links on a user's page, alerting them to the fact that something is wrong.
The current WordPress 2.8.4 is immune to the worm, and users are being urged to upgrade as soon as possible.
Latest stories from Software
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Premier Consulting Firm - Procurement/P2P Transformation...
Premier consulting firm - IT Strategy and Cloud Consulting...
Software developer/ C# developer, (ASP.NET, C#, MVC...
Oracle Developer/ Programmer- Oracle ebusiness suite...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?