moebius recursive

I upgraded this blog to WordPress 2.8.4 this morning to avoid falling victim to a new exploit that has apparently already compromised a fair number of WordPress-based blogs.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

Once again, the one-click upgrade facility on dreamhost made this a quick and easy exercise.

Technorati Tags:
blogging, security, upgrade, wordpress

 

After one short week of upgrading to Snow Leopard, all of the software that experienced issues after the SL upgrade have been updated to be compatible. Currently running updated versions of Menu Meters, Cyberduck, OxygenXML Editor and Mozy without issue.

Technorati Tags:
apple, snowleopard, software, upgrade