HOT TOPICS >> Solid State Drives | IT Security | Open Source | ARM Processors | Google Chrome 4
INDUSTRY >> Healthcare | Government | Financial Services | Biotech | Compliance
New worm attacks unpatched WordPress blogs
A new worm targeting WordPress blogs is currently on the move, according to reports. This new worm affects self-hosted WordPress blogs using a vulnerability that was detected in August; so users who have updated to the current version of WordPress 2.8.4 will not be affected.
What is of particular concern here is its evasiveness and difficulty to remove. According to a blog post by Matt Mullenweg, founding developer of WordPress, "This particular worm...is clever." He elaborated on how the worm registers a user, then leverages on the aforementioned security bug to allow evaluated code to be executed and make itself an admin.
It doesn't end there, though: The worm makes proactive use of JavaScript in order to stay invisible on the WordPress user page, and goes "quiet"--even while it inserts hidden spam and malware into old posts.
For more on this story:
- check out this article at CNET News
Comments
Post new comment
Home
| Subscribe | Advertise | RSS |
Privacy
| Site MapTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe© 2009 FierceMarkets, Inc. All rights reserved. |
 |