Networking
Security
Telco/ISP
Storage
Hardware
Software
Oddware
Strategy
Finance
Training & Development
Login
|
Join iTnews
|
Sitemap
|
RSS
Reviews
|
Galleries
|
Events
|
Net Seminars
|
Whitepapers
|
Downloads
|
Newsletter
|
Videos
Home
>
News
>
Technology
>
Security
>
Exploit code implanted into blog software
Security
Exploit code implanted into blog software
Related Articles
Five lock-in traps to avoid when buying software
Unlicensed software users fined $300K
US software firm sues China over Green Dam
Google hack attack code hits the web
Breaking Stories
Australian Government websites blitzed by DDoS attack
Vividwireless reveals five-city expansion plans
Microsoft denies Windows 7 battery problems
Ex-Intel executive owns up to insider trading
Optus to boost HFC network up to 100 Mbps
By
Shaun Nichols
Mar 6, 2007 8:22 AM
Tags:
exploit
|
code
|
implanted
|
blog
|
software
Attackers break into server and inject malware into software update.
Attackers have injected exploit code into the downloadable software for the WordPress blogging service.
The company has issued an update that repairs the vulnerability.
The open source Wordpress software allows users to set up and push out postings to a blog. Although online bloggin services such as Blogger.com, Typepad or Wordpress.com allow users to publish blog postings directly from a browser windows, client software offers users more flexibility.
Hackers early last week broke into Wordpress' download server and embedded their attack code into the 2.1.1 update of the open source application. The malware opened up a backdoor on infected systems that would allow an attacker to execute code and install software.
WordPress founding developer Matthew Mullenweg on a company blog said that the infected software was offered to users for 3-4 days as an official WordPress download before the company was alerted of the breach.
"This is the kind of thing you pray never happens," said Mullenweg.
"But it did and now we’re dealing with it as best we can."
Security vendor Symantec claimed that it had notified fewer than 50 attacks exploiting the backdoor. The firm rated the threat as "low-level" beacuse of its limited reach and easy removal.
WordPress said that though not all downloads of version 2.1.1 were affected, the company is recommending that all users upgrade to version 2.1.2 of the software. WordPress also recommends that administrators hosting WordPress blogs prevent access to the "theme.php" and "feed.php" files that are infected by the attack.
Copyright © 2009 v3.co.uk
Email this
Print this
Tweet this
Send us your tips
Comments
Be the first to comment on this article.
Thoughts on this article? Add a comment below.
Comment:
Want to participate in the discussion?
Register for FREE
Or
log in
now to comment
Ads by Google
IT Whitepapers
Top Categories
Networking
Software Development
IT Management
Enterprise Applications
Storage
more technology whitepapers »
Latest Technology Jobs
Instructional Designer (Training Developer) (s15)
Informatica PowerCenter Consultants
SAP Business Analyst
Windows Server Engineer
PowerBuilder Developer - PowerBuilder, DB2, Solaris
Netbackup Storage Specialist
more technology jobs »
Top Stories
TIO website hit by malware
Weekend malware runs one new process per target machine.
Microsoft announces Azure launch date
Australia in second wave of country releases.
CBA embarks on "database-as-a-service"
Analysis: How the bank intends to save megabucks.
iiNet wins! Film industry's case torn to shreds
No "three strikes rule" for Australian ISPs
iiTrial: Judgement Day (live coverage)
Key EDS witness bought internet degree
Legal experts expect appeal in iiNet judgement
Christian Lobby buoyant on filtering after meeting Conroy
iiNet wins! Film industry's case torn to shreds
Day 20: iiNet refuses to play police for film industry
iiNet vs the film industry: Judgement day preview
Day 20: iiNet can’t vet AFACT copyright allegations
Spotlight
the topics we're following
Telstra Split
IINET vs AFACT
Cloud computing
Internet Filtering
NBN
Latest Comments
"I only became aware of it when news arose that they were ditching it. Maybe it just wasn't ..."
on
Commentary: Think B4 U waste our time and money
by
Ace
Feb 10, 2010 10:39 AM
"With Optus supposedly boosting this service sounds great, record profits on mobile business ..."
on
Optus to boost HFC network up to 100 Mbps
by
Johnnnny
Feb 10, 2010 9:58 AM
"Digger and JL - the two biggest back-flippers in history. (Or are they they same person ?) Now ..."
on
Exetel drops infringement policy after iiNet win
by
marklara
Feb 10, 2010 9:56 AM
"Once we get past cloud computing, it will be full speed ahead to blue sky computing - although ..."
on
Opinion: Webjet brings 'cloud' claims back down to earth
by
Ace
Feb 10, 2010 9:52 AM
"Maxxi if your reading this I am pretty sure the opinion of Google far outweighs the minority ..."
on
Google cold on voluntary YouTube filtering
by
Mark D
Feb 10, 2010 9:46 AM
Plan Finder
Powered by
WhistleOut
Mobiles
Deals
Broadband
1)
HTC Magic
16 plans
2%
2)
Nokia N97
43 plans
9%
3)
Nokia E71
49 plans
1%
4)
Apple iPhone 3GS 16GB
30 plans
11%
5)
Apple iPhone 8GB
42 plans
5%
Fast Wireless BB
in Your Home
This wireless modem gives you super-fast broadband in home + local and national calls.
Sony Deals
With Optus
Great Sony PlayStation® deals available for a limited time with Optus.
Save $50 on
iPhone 3G 8GB
3 Mobile are offering $50 off an iPhone 3G 8GB on $49 cap and above.
3 Months Free
on HTC Magic
The HTC Magic is now available on the $29 Cap from 3 Mobile with 3 months free access.
3 Months Free
on Nokia N97
Big February update - now 3 months free with Vodafone on the $59 Cap.
3 Months Free
on Nokia E71
The Nokia E71 is now available on the $29 Cap from 3 Mobile with 3 months free access.
Nokia E72 +
3 Months Free!
The Nokia E72 - new model with full keyboard and 3 months free on the $49 Cap.
3 Months Free
with 3 Mobile
Get 3 months free on Nokia E71, Samsung F480, Nokia E63 and more with 3 Mobile.
This Guy is Not
Bob. This is...
Super-fast in home wireless broadband + local and national calls.
«
1
of
»
1)
iiNet
32 plans
5%
2)
Netspace
36 plans
11%
3)
TPG Internet
19 plans
14%
4)
Optus
33 plans
1%
5)
Telstra BigPond
30 plans
2%
Mobiles
|
Broadband
|
Credit Cards
iTnews
Polls
What is the sweet spot for Apple's entry 16GB Wi-Fi iPad?
$549
$579
$619
$649
$699
|
View results
$549
77%
$579
11%
$619
4%
$649
3%
$699
6%
TOTAL VOTES: 387
Vote
view previous polls »