WordPress Security Flaw

From the WordPress Development Team:

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

What’s the difference between a hacker and a cracker? Good question! I explored this difference nearly two years ago. It still holds true.

According to the How to be a Hacker website, “The basic difference is this: hackers build things, crackers break them.”

Comments

  1. And I thought crackers were good ol’ boys from Jawjuh.

    Did you do the 2.1.2 upgrade yet? I have not. Went to the DH control panel and expected to find it under the One-Click Installs. Looks more complicated than that, so since I am still at 2.1, decided to put it off.

  2. I did the upgrades via the One-Click Installs. This used to be a big PITA but DH seems to have gotten it figured out.

    All of my WP sites are 2.1.2.

    I think.
