Most of us have just upgraded to Wordpress 2.5 when it’s now time for another upgrade. This time it’s a more urgent upgrade since it includes a security fix and about 70 bug fixes:

We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly.

My guess is that this security fix is related to this post, but that’s just my guess.

Read more in the Wordpress blog or go directly to the download page to get the latest version.

Popularity: 16% [?]

Now all hosting companies offering IIS and SQL Server on Windows XP, 2003, Vista, and Server 2008 must watch out for a vulnerability allowing local users to raise his privilege level.

Microsoft stated in their advisory:

Hosting providers may be at increased risk from this elevation of privilege vulnerability.

But no explanation was provided.

Since IIS is a popular platform for may web hosting companies we may see targetted attacks on hosting companies (and their clients web sites) . If you work for or run your own hosting company you may have to keep an eye on your SQL server.

Read more at McAfee AVERT Labs Blog.

Popularity: 24% [?]