WordPress 4.7.5 Security Release – Immediate Update Recommended

WordPress 4.7.5 Security Release – Immediate Update Recommended

43
0
SHARE
Linux Reseller Hosting

 

A few hours ago WordPress abruptly released 4.7.5 which is a security release. It fixes six vulnerabilities which are detailed on the wordpress.org blog.

I’d like to encourage you to update to 4.7.5 as soon as possible. Unless you have disabled automatic updates, your site may have already been upgraded to WordPress 4.7.5. This security release was a ‘minor’ release and WordPress by default automatically updates core minor releases.

I have used the term ‘abrupt’ to describe this release because it went out without much pre-announcement. I’m concerned that this release may have fixed more than the vulnerabilities that have been detailed on the WordPress blog. That would not be without precedent.

On January 26th WordPress released 4.7.2 and they delayed disclosing a vulnerability for a week. That vulnerability was the infamous WordPress defacement vulnerability which resulted in hundreds of thousands of sites being defaced and multiple highly active attack campaigns.

We don’t have any data at this time on whether this release includes an additional security fix that is unannounced. But recent history indicates it is probably a good idea to update immediately.

Windows Shared Hosting

Our Partner

partner-cloudflare
partner-cloudlinux
partner-cpanel-whm
partner-Paralleles-plesk-panel
partner-sitelock
partners-OpenVZ
R1Soft
partners-RV-Globalsoft
partners-Softaculous-auto-installer
partners-solusvm
partners-whmcs
services-cpanel
services-MySQL
services-Perl
services-swsoft-plesk
support-sevices-php