Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: WordPress Release Security Update SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
WordPress Release Security Update

WordPress released a security update (version 3.3.2) that fixes 3 external libraries (Plupload, SWFUpload and SWFObject) as well as privilege escalation and cross-site script (XSS) issues as well as 5 other bugs. Change log posted here. The advisory is posted here and you can download the update here.

[1] http://core.trac.wordpress.org/log/branches/3.3?rev=20552&stop_rev=20087
[2] http://wordpress.org/news/2012/04/wordpress-3-3-2/
[3] http://Pluploadwordpress.org/download/

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Guy

453 Posts
ISC Handler
Any tie to the Apple Flashback outbreak (http://www.techweekeurope.co.uk/news/flashback-kaspersky-wordpress-74209) or just regular fixes?
Dean

135 Posts
Dsh,

Difficult to say if it is related the Apple Flashback. Not much information posted regarding the issue.
Guy

453 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!