security

Two minute WordPress upgrade!

If you host your own [tag]Wordpress[/tag] then take note – there’s a [tag]php exploit[/tag] on the loose that’s taken out several well known SEO blogs. Advice is to update to [tag]Wordpress 2.0.7[/tag] right now. You have no excuse if you’re compromised because you have been warned! Updated 23rd Jan: there’s a shiny new WordPress v2.1 […]

Minor Wordpress vulnerability confirmed

Minor WordPress vulnerability confirmed

Thanks to Jason for the heads-up – it seems that my [tag]Wordpress[/tag] 2.0 [tag]blogs[/tag] are [tag]vulnerable[/tag] to the [tag]exploit[/tag] listed in WordPress issue #3142, but the effect is relatively minor. Every logged in user can spy out the metadata of all other users by typing in the URL /wp-admin/user-edit.php?user_id=XXX irrespective if he has the right […]

BuyandSell – Buyer fraud?

I’ve currently got my Inspiron 9300 listed on BuyandSell, a free ads paper with an online version. I believe I’ve received a couple of potential fraud inquiries.They mention “the item” I have for sale without mentioning what it is, and talk about PayPal or Moneygram payment. I don’t know precisely how the fraud works, but […]

Securing a new Windows box on the cheap

I had to secure a new Dell laptop (a lovely Inspiron M1210) recently, here’s what I did. Security updates for operating system First things, first – update Windows as soon as possible. Use Windows Update at windowsupdate.com. Alternative to using Windows Update: In the comments, brucew mentioned AutoPatcher XP. He says “Updated monthly, a single […]