Category Archives: Uncategorized

Is WordPress 3.3.2 tied to the MAC OS X security issues?

Blogging platform king WordPress has gone quite a long time without an update, until today that is. When I logged into my blogs I noticed that WordPress update 3.3.2 was awaiting my installation. I have read via SANS that compromised WordPress sites were the major attack vector for this high profile MAC attacks. Putting two and two together it makes quite a lot of sense that there is a new WordPress update to install to mitigate discovered issues with the platform.

Upon review of the update it contains fixes for several cross site scripting vulnerabilities as wells as a limited privilege escalation vulnerability. I decided to break with my normal policy of installing WordPress updates after 2-3 weeks stability and experimented with applying the patch right away. My test site worked with no problem so I applied it to my other two sites and no issues were experienced across the board.

It feels like it is only a matter of time until iOS gets hit big time and iPhone and iPad users learn that they are not isolated from the security issues that have faces Windows users for over a decade. With popularity comes scrutiny.