In association with heise online

07 August 2012, 17:15

False Syria Reports: Reuters was running outdated WordPress

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

WordPress logo Last Friday, the journalist's blog from Reuters began publishing false reports of the situation in Syria. The false reports were publishable because the British news agency was using an outdated version of WordPress which contained a number of publicly known vulnerabilities, according to a blog posting on the Wall Street Journal.

The WSJ cites Mark Jaquith, one of the leading developers of the open source blogging platform, who says that Reuters was running version 3.1.1 of WordPress at the time of the hacking instead of the current version, 3.4.1. Since 3.1.1, a number of security holes have been closed in the software. Attacks on outdated WordPress installations have become quite common. Last year, thousands of WordPress blogs were used to spread malicious code. According to Jaquith, WordPress installations automatically notify users of updated versions and offer an automatic update feature.

Reuters parent company, Thomson Reuters, has yet to make a comment on the incident and the initiators of the hacking attack remain unknown.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit