Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: WordPress Release Security Update SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
WordPress Release Security Update

WordPress released a security update (version 3.3.2) that fixes 3 external libraries (Plupload, SWFUpload and SWFObject) as well as privilege escalation and cross-site script (XSS) issues as well as 5 other bugs. Change log posted here. The advisory is posted here and you can download the update here.

[1] http://core.trac.wordpress.org/log/branches/3.3?rev=20552&stop_rev=20087
[2] http://wordpress.org/news/2012/04/wordpress-3-3-2/
[3] http://Pluploadwordpress.org/download/

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Guy

472 Posts
ISC Handler
Apr 21st 2012
Any tie to the Apple Flashback outbreak (http://www.techweekeurope.co.uk/news/flashback-kaspersky-wordpress-74209) or just regular fixes?
Dean

135 Posts
Dsh,

Difficult to say if it is related the Apple Flashback. Not much information posted regarding the issue.
Guy

472 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!