Manufacturer HP recently released figures on the security of the most popular content management systems, as well as their plugins. While they found that the core applications of the CMSs themselves are relatively safe, they discovered that about 70 percent of the applications they tested were “vulnerable” to security risks. One of the best ways to keep your website safe is to regularly update your CMS to the latest version. Wordpress has released an update that resolves several pressing security issues.
If you use Wordpress, it is time to update to 3.1.1. The updated version makes 30 fixes, including three patches for serious risks (preventing PHP crashes, a cross site scripting vulnerability, and tightening up SCRF prevention). Downloading 3.1.1 is essential; Wordpress is one of the most popular CMSs, managing everything from personal blogs to sophisticated commercial sites. Because of its popularity, it is a target for hackers, who work on security vulnerabilities in older versions.
As to technical details, the Wordpress 3.1.1 developers released a little haiku: “Only the geeks know/ what half this stuff even means. /Don’t worry – update.” Easy enough. You can do this from Wordpress’s website, as well as directly with your Wordpress Dashboard. Other features of the update include:
• Security hardening to media uploads.
• Improvements in performance.
• IIS6 support fixes.
• Taxonomy and PATHINFO permalinks fixes.
You can download the updated version, Wordpress 3.1.1 here.