The latest updates to WordPress were announced today. There are new versions for the shiny and still relatively new 2.1.x series and for the getting on a bit, but still quite nice really 2.0 series. These fix some minor, but widely publicised security issues, and one apparently quite large one.
The developers have also had another good look through the code and made some changes which should help reduce the number of future problems. Now some people might start getting the idea that all these releases make it look like WordPress is full of holes, but it’s really more a case that WordPress is now so popular and high-profile that people who like looking for holes have been taking the time to dig into it more. Microsoft suffer from the same problem on a larger scale…
Full details from the WordPress Development Blog. Download 2.1.3 from the usual place or 2.0.10 from the release archive (note that due to the slightly borked sort order, you’ll have to scroll about half way down rather than to the top or bottom where you might expect a recent version to live).
I upgraded using Brian Layman’s quite marvellous Easy WordPress Upgrade Script, which is recommended to anyone who has shell (command line) access to their host. Backs up your site, grabs the latest version, extracts the files and runs the upgrade all in one remarkably painless operation. If you have multiple sites on the same server, it can do them all! It needs a very small amount of configuration, and does what it says on the tin. Good stuff.
 A bit like me