Security Update H200

Important WordPress security update

If you use WordPress for your website, you need to read this!

WordPress released an urgent security update (Version 4.7.2) at the beginning of February (2017) to fix a very serious vulnerability that allows hackers to easily change the content on websites.

This is apparently one of the worst WordPress related vulnerabilities to emerge in some time and one major security software company has noted more than 800,000 attacks exploiting this specific vulnerability in just a 48 hour period across the WordPress sites they are monitoring.

The vulnerability has proven to be so effective for hackers compared with previous ones that it has resulted in attackers competing with each other to deface vulnerable WordPress websites. Initial data indicates that around 1.6 million WordPress sites have already been hacked within the first few days.

What to do

Check to see what version of WordPress your website is using. You need to be running the latest version which is 4.7.2.

If you were previously up to date (i.e. running version 4.7.1) WordPress should have already automatically updated it to the new version. However, if you were running an older version you will need to manually update it. Whichever applies, I suggest you check that you are using the latest version, just in case for some reason the automatic update didn’t occur.

Update 13th February

Additional data from the security software company, who are continuing to monitor the situation, shows a further 26% increase in attacks in the last 24 hours so this is having a big impact on websites worldwide as more and more hackers get on board.

If you need any help, give us a shout.

Be safe not sorry.