The fine folks over at WordPress just released what they’re calling a “hardening” upgrade. Version 2.8.5 doesn’t have any new features, just some code improvements to make sure you’re WP site stays safe…
As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch so as to get these improvements out there and make all your sites as secure as possible.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_c.png?x-id=12596acc-7370-4b86-91fa-14a3f4befbe4)
{ 5 comments… read them below or add one }
I don’t understand why they released the new version so quickly after the last update 2 months ago.
I don’t see any changing in this new version. It’s not really necessary to upgrade.
Although it may not be “necessary” to upgrade, I would advise anyone reading this to ignore V.C. and go ahead and apply the update.
The upgrade is exactly what it's advertised as: A hardening upgrade. It enhances security in a few places the WP team saw a need for it.
Hardening upgrade… haha.
I think they did it for fun.
You would not think it was so funny if your web server had been cracked by a wordpress exploit.
They are using euphemisms to hide that fact that they are finally fixing some very bad security flaws.
this is why I don't use wordpress or phpbb or a bunch of other frameworks. too many people writing too many flawed and insecure systems.
I'm not speaking hypothetically, I've had to clean up the mess that attackers have left.
You would not think it was so funny if your web server had been cracked by a wordpress exploit.
They are using euphemisms to hide that fact that they are finally fixing some very bad security flaws.
this is why I don't use wordpress or phpbb or a bunch of other frameworks. too many people writing too many flawed and insecure systems.
I'm not speaking hypothetically, I've had to clean up the mess that attackers have left.