After several security threats were found on older versions of WordPress, it’s rather obvious that the newly released WordPress 2.8.5 is security focused. Security hardening is a major priority in WordPress 2.8.5. Don’t wait till WordPress 2.8.4 gets pounded, you better upgrade right now.
So what are the worth noting improvements in WordPress 2.8.5?
– A fix for the Trackback Denial-of-Service attack that is currently being seen.
– Removal of areas within the code where php code in variables was evaluated.
– Switched the file upload functionality to be whitelisted for all users including Admins.
– Retiring of the two importers of Tag data from old plugins.
The WordPress team also recommends the WordPress Exploit Scanner plug-in to those who think their WordPress blog(s) has been affected by one of the recent exploits. This plug-in scans your website for suspicious files and informs you of its findings, without removing anything – that’s left to the administrator.