Several of WordPress’s vulnerabilities have been updated with the release – fixing critical issues that you will want to remedy immediately. Before this update rolled-out, Sucuri explained how – what they called a “admedia iframe injection” – had exploited and infected many WordPress sites across the Internet with Malware, using Javascript as a vehicle for insertion. The issue was raised over the weekend when Sucuri had noticed a spike in the number of sites infected with the exploit. Readers can check if their site(s) is/are infected by looking in .js files for anything that looks out of place, or improperly appended to the bottom of the file. It has also been noted that this is the source of constant reinfections as this type of attack, in particular, can affect all sites on a server – this means that all WordPress installations on a server would individually need cleaning and updating. If you are not infected, you needn’t worry – however, if your sites/server shows signs of an attack – act immediately. All accessible .js files are open to this attack, and this malware tries to infect them one-by-one – ensure to clean all sites hosted on all domains to cease further contamination. Half-measures will not suffice here – you will need to clean all of your sites and not just ones that you use – redundant sites can also be infected; so be prudent and ensure that you examine all sites for signs of infection. WordPress are not known for their comprehensive bug fixes and update notes of late, but it is believed that the latest update fixes this exploit and prevents any future vulnerabilities and/or attacks. It is also worth mentioning that WordPress have also released details of a meta attack that they have observed and have published a video that demonstrates how the attack is performed. You can view this video here. The update however, released yesterday, is said to be a security release – WordPress encourage all sites to apply the update immediately. Some sites may not auto-update, however, so you should immediately check to see if you have the update and take the necessary actions (explained above) if you haven’t.
03rd February 2016
