Insidious: WordPress worm
The vulnerability was discovered on August 11, when WordPress urged users to update to version 2.8.4! (Yes, this blog is running 2.8.4.) Many people have yet to upgrade, and meanwhile, the worm is chomping away.
Mullenweg described the actions of the worm: “it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.”
Upgrade instructions and links are here. If you think your blog has been attacked, here is a WordPress FAQ for you.
-Bill at Cheshire Cat Photo™
You can view higher-resolution photos (*generally* 7-30 megabytes, compressed) at the Cheshire Cat Photo™ Pro Gallery on Shutterfly™, where you can also order prints and gifts decorated with the photos of your choice from the gallery. Apparel and other gifts decorated with some of our most popular photos can be ordered from the Cheshire Cat Photo™ Store on CafePress®. Both Shutterfly™ and CafePress® ship to most international locations worldwide! If you don’t see what you want or would like to receive an email when new photos are up on the site, send us an email at info@cheshirecatphoto.com.