March 6, 2007 4:45 PM PST

Intruder adds back door to WordPress blog software

Related Stories

Researcher launches Month of PHP Bugs

March 2, 2007
An unknown intruder has compromised a WordPress server and added a remote control tool to downloadable versions of the widely used blogging software.

The breach happened last week and was discovered on Friday, WordPress creator Matt Mullenweg wrote on the WordPress Web site.

"Long story short: If you downloaded WordPress 2.1.1 within the past three to four days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately," Mullenweg wrote. He did not say how the attacker breached the WordPress system.

The WordPress team learned of the compromise through an e-mail to its security e-mail address about unusual and highly exploitable code in WordPress. After an investigation, the team concluded that somebody had modified two files in the 2.1.1 release that would allow for remote execution of PHP code, Mullenweg wrote.

The vulnerability could allow an attacker access to the server running the blogging software.

The Web server hosting the infected WordPress software was taken down and will be forensically examined, Mullenweg wrote. "This is the kind of thing you pray never happens, but it did and now we're dealing with it as best we can," he wrote.

Not all downloads of 2.1.1 were rigged, but WordPress has released version 2.1.2 that includes minor updates and entirely verified files. The team is also taking measures to prevent a similar breach in the future, Mullenweg wrote.

Any WordPress users running version 2.1.1 should upgrade immediately to overwrite all old files. WordPress has additional tips for Web hosters and network administrators.

See more CNET content tagged:
WordPress, blogging software, intruder, attacker, blog

2 comments

Join the conversation!
Add your comment
Whoa...you guys are slow
Sheesh Cnet....what too you so long on this story? This has been on the blogs and in the 24/7 Net news cycle for days now.

Old news and a new release is out. ZZzzzzZZZZzzzzz....
Posted by Mousefinger (34 comments )
Reply Link Flag
Software has reputation...
That reputation is either good or bad.

Microsoft's reputation is bad... but you rarely paint it as such... but you do go beyond the call of duty to paint others as bad.

But you're a bit slow on this one and you kindly don't publish such bad news about Microsoft.

Are your reporters on the MS payroll? (* GRIN *)

Walt
Posted by wbenton (522 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.