Wordpress Update 2.8.6

November 14, 2009 | By eric | 3 Comments »

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Just a quick update here.

This new version of Wordpress is not showing on my dashboard yet and probably not even on your site as well. I think this is a record breaker version also for the fastest security update since the previous version (23 days after the 2.8.5 upgrade).

It is always recommended to update to a new version of Wordpress as soon as possible and especially so for a security release .

This update  fixes two security problems.

1. XSS vulnerability in Press This.

2. Sanitizing uploaded file names that can be exploited in certain Apache configurations.

Is this version really for you?

Here’s the straight fact: If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

Really it’s up to you. This update was really unexpected.

There’s no harm in upgrading, though.

Tagged: 

3 Comments »


  • Comment by TheFlyOnTheWall |
    November 16, 2009 at 11:31 am

    I tried the update with the automatic button and got errors. So I researched the problem and it seems a lot of people are getting errors and having problems. And if they do get it updated there still seems to be flaws. I think I will wait a while :)


  • Comment by Holly Jahangiri |
    November 24, 2009 at 11:17 am

    I have tried the update twice, unsuccessfully. It corrupted my blog, and I had to restore the files. I think I’ll skip this one and hope the next update comes out cleaner.


  • Comment by eric |
    November 24, 2009 at 12:00 pm

    I agree. This update version broke a lot of plugins. I’m skipping this version too.




Leave a Reply

ClickBlog.org Related Posts Widget for Blogs by LinkWithin