I happened to glance at the WordPress blog on my admin page when logging in just now and noticed the headline: “WordPress 2.11 dangerous, upgrade to 2.12”

My first thought was that “dangerous” was a codename, although it would be entirely out of keeping with the jazz-related codenames of the past. A quick scan of the post and it turns out that a malicious cracker (by which I mean what most people would call a hacker and not one usually prefixed by ‘Jacob’s Cream’) had managed to gain access to the download files of the latest version and altered a couple of files so that they would permit remote PHP execution.

So first things first: if you have upgraded to WP 2.11, you might want to not take any risks and do a new upgrade to 2.12, which has been entirely validated. Of course, this probably won’t affect many of you because I guess most people are still considering the move to 2.1, let alone a minor subsequent bug fix release.

And the next thing: isn’t it depressing that there are people in the world with nothing better to do with their time than just be anonymously malicious and fuck around a load of complete strangers for little to no apparent gain? Words fail me.