Ignorance is Bliss? An Enormous WordPress Zero-Day has Been Secretly Fixed [↗]

WordPress 4.7.2 fixed the issue, but it was a “silent patch”. The fix was hidden within other issues in order to give everyone time to patch their systems.

At the time of 4.7.2’s release details of the flaw were kept secret, as the security community raced to ensure that as many sites were protected as possible as Aaron Campbell explained in a WordPress blog post.

Sounds like a rather nasty flaw, so it’s understandable that a “silent patch” was applied.

UPDATE: More detailed information available here.

Tagged with:

Leave a comment

Note: Please be excellent (this is not YouTube and I reserve the right not to publish comments from muppets.) Your email address will not be published. Required fields are marked *