ShiftDelete.net
BİZİ TAKİP EDİN

WordPress executes forceful Jetpack Patch on millions

A critical security patch for the popular Jetpack WordPress plugin is being forcefully installed on 5 million sites by Automattic, the parent company behind WordPress.

WordPress executes forceful Jetpack Patch on millions

The renowned company, Automattic, managing the highly-used WordPress CMS, has initiated a forced security patch installation to address a severe vulnerability in the much-loved Jetpack WordPress plug-in. This move is currently affecting millions of websites globally.

A much-needed security solution

Jetpack, a widely favored plugin, enhances the WordPress experience with free security, performance, and site management tools. It offers features such as site backups, protection from brute-force attacks, secure logins, malware scanning, among other benefits.

Data from the official WordPress plugin repository highlights that Automattic maintains the plug-in, which boasts over 5 million active installations currently.

During an internal security audit, Automattic’s Developer Relations Engineer, Jeremy Herve, shared that they discovered a vulnerability within the Jetpack’s API that has been present since version 2.0, launched in 2012. This vulnerability could potentially allow site authors to manipulate any files within the WordPress installation.

Swift action for greater security

Automattic has swiftly responded by rolling out the security patch Jetpack 12.1.1 to all WordPress sites using the plugin. The rollout began today, and it has already reached more than 4,130,000 sites using any Jetpack version since 2.0.

While most vulnerable sites have been auto-updated to the latest secured version, the rest are anticipated to receive the patch soon.

Herve cautions site administrators to ensure their websites’ security, as attackers might exploit the flaw to target unpatched WordPress sites. He stressed that, despite no evidence of the bug being exploited so far, the risk remains and updating to the latest Jetpack version is critical for site security.

Automattic’s history of proactive security measures

This isn’t the first instance of Automattic proactively deploying security updates to mitigate critical issues in WordPress plugins or installations. In fact, WordPress developer Samuel Wood confirmed in October 2020 that this method had been employed numerous times since the release of WordPress 3.7.

We are keen to know what our valued readers think about this development. How do you perceive this forceful patch installation? Do share your thoughts and opinions in the comments section below!

Jetpack Patch

SDN Yorumları 0 Yorum

Yorum Yap

İlgili Haberler

RTX 40 production stopped! When is RTX 50 coming?
RTX 40 production stopped! When is RTX 50 coming?
Tesla Cybertruck
Trouble again: Tesla recalls 2,431 Cybertruck vehicles!
Galaxy Z Fold Special Edition out of the box!
Galaxy Z Fold Special Edition out of the box!
electric vehicle
Europe is struggling to reach the target for electric vehicles: 2025 targets reduced from 27% to 21

SDN Network

Sihirli Elma Yeşil Robot Tech Inside Pembe Teknoloji Future Flow Life

SDN.net

1250 BORREGAS AVENUE, #40, SUNNYVALE, CA
94089 ShiftDelete.Net LLC

info@shiftdelete.net

Shiftdelete.Net, İnternet Medyası ve Bilişim Muhabirleri Derneği üyesidir.

Desteklio