WordPress 2.0.4. Do It.

Wordpress wants me to remind you all to upgrade to version 2.0.4 as soon as possible. They seem to be getting into the habit of having each release be very critical to install as soon as possible because of security fixes.

Usually they can keep a lid on the details of the security problems until the patch is out so the script kiddies aren’t going around taking over people’s blogs before a fix is available. But once they put out the new version, it’s not too hard for someone to look at what was changed and figure out how to exploit the old version.

So get updating, peoples. In fact, even if you don’t run Wordpress, you should probably just install the new version on a spare machine. Some of these security holes might be big enough that you’ll wind up getting pwned even if you aren’t running Wordpress. That’s how serious we’re talking here. You could just be walking down the street, whistling like someone who doesn’t have a care in the world, and then all of a sudden some 13-year-old in Idaho is selling naked pictures of your girlfriend on eBay. That’s the kind of badness that happens from these things. You might even die when they take your heart and use it in their zombie DOS networks.

You might think I’m exaggerating, but I’m not. Upgrade or die, that’s what it boils down to.