WordPress 2.2 is Mandatory Security Upgrade

By Posted 2007 Updated   BloggingSecurityWordPress

I have read lots of bloggers waiting for some weeks before they upgrade to the new version of WordPress 2.2. Everyone knows your WordPress version and once the WordPress security issues become public (with fixes announced), and you decide not to upgrade, hackers can break into your blog.

Mark, a key WordPress developer says that WordPress 2.2 is a mandatory security upgrade for WordPress 2.1.3 users. There will be no further releases in the 2.1.x branch. 2.2 includes security fixes that 2.1.3 lacks, so your only upgrade path is to 2.2. WordPress files have changed so much that he has not released his usual changed file lists.

Each WordPress release would have some bugs persisting, that is the whole idea behind release candidates for WordPress testers. However, when the final version is released to the community, the widest possible test occurs as wordpress gets tried with different web hosts, platforms, and plugins. And then more bugs are reported which can be fixed. You can see how WordPress defects are being reported and fixed in WordPress 2.2.1 at WordPress Trac.

Often things do go wrong and you need to re-upgrade quickly. In a rare event, a cracker modified WP 2.1.1 download files on WordPress servers, and a new version was released promptly. Often patches are released, as occurred to fix feedburner issues in WordPress 2.0.6, or when Server 500 Errors were reported with WordPress 2.0.5 Upgrades.

If problems do occur, see if you followed the upgrade instructions correctly. Deactivate plugins and see if a particular one is causing errors. WordPress upgrades is an ongoing process and your blog security is your own responsibility. I recently upgraded to WordPress 2.2. and its working fine (with these plugins).


5 comments on “WordPress 2.2 is Mandatory Security Upgrade

  1. CypherHackz says:

    maybe because they have many wordpress blogs, so they don’t want to upgrade their wordpress unless it is really stable and no minor updates needed. it is difficult and takes so much time to upgrade if we have 15 wordpress blogs right?

  2. Rhys says:

    I’ve put off upgrading, largely because of the widgets (don’t want to mess up my blog), but when you put it like that, I may as well.

  3. QuickOnlineTips says:

    I think this upgrade is having more issues with the blog template because of inbuilt widget support. WP 2.2.1 will be fixing the issues.

    I do not have widgets enabled in this theme, so have not noticed any issues.

  4. GoingLikeSixty says:

    I went to Bluehost.com to see if they had their “easy upgrade” for 2.2.
    Nope. I’ll wait until that’s available.

  5. Kevin says:

    If there are real security issues then there should be a minor security release for WP 2.1. There are just to many changes between 2.1 and 2.2 to force every person to upgrade.

    Kevin

Leave a Reply

Your email address will not be published. Required fields are marked *




css.php