UPDATE: WordPress 2.6.5 has been released. This is still no legitimate version 2.6.4 and there never will be.
As of the time of this post, there is no such thing as WordPress 2.6.4. There also likely never will be as 2.7 will be the next version of WordPress assuming no emergency security fixes are needed before it comes out.
If you “upgraded” to “2.6.4″, then you have installed a fake trojan version (full description is here and here), you should delete your wp-admin and wp-includes folders and replace them with fresh copies downloaded from WordPress.org, the official site. If you have a recent database backup from before you upgraded, I would also advise dumping your database and using that backup just to be safe. You should also of course change all of your WordPress user account passwords.
Please be smart when it comes to WordPress! Because it’s so immensely popular, it has become the target of spoofers and hackers. Always type in the URL to the official site (rather than using a link and not paying attention) if you are trying to download the latest version.
| Print article | This entry was posted by Viper007Bond on November 7th, 2008 at 3:47 AM, and is filed under WordPress. Follow any responses to this post through RSS 2.0. You can leave a response or pingback from your own site. |
Hi and welcome to my blog. My name's Alex, although I'm more commonly known as Viper007Bond (or just Viper). I work for Automattic and I blog here about WordPress stuff and various interesting things I find. You can read more about me on my about page.
Gebze Nakliyat: space constraints prevent all comments from appearing. We will only approve comments that are...
Justin: Amazing plugin!
One thing I noted while using it was that the ability to change the embed URL of...
çiçekçi: Hello How can I manage, what other users can see on their Admin Bar
Jeremy Clarke: Jason: There is a simple API you can use to filter the default settings for all users, it is only a...
Jason: Viper - very nice plugin. Thank you.
If you're so inclined, it would be very nice if admin...
about 1 year ago
Thanks for the warning
about 1 year ago
Looks like the folks at wordpress have decided to skip wordpress 2.6.4 and go straight to 2.6.5 which was just released today due to security and other bug fixes. you can read the full post and get the new version on the wordpress.org site. http://www.wordpress.org
read the blog here: http://wordpress.org/development/2008/11/wordpress-265/
it’s sad that it’s come to this for the open source world. That programs such as wordpress become targets for hackers.
Brandon
about 9 months ago
That’s why it’s always a good idea to update from the WordPress site itself, luckily for us the new versions allow for us to auto-update without downloading, uploading and installing the mods on our own. Good looking out, a simple google search returns many sites running the ‘trojan’d’ 2.6.4 version…
about 2 months ago
ahhh…. i use 2.9
about 2 months ago
Well i was told that there is wordpress version 2.6.4 in fact i wanted to change my blog @ http://www.freeinternet4all.blogspot.com to wordpress before i came across your blogpost.Thanks for saving my precious time.