ShiftDelete.net
FOLLOW US

WordPress executes forceful Jetpack Patch on millions

A critical security patch for the popular Jetpack WordPress plugin is being forcefully installed on 5 million sites by Automattic, the parent company behind WordPress.

WordPress executes forceful Jetpack Patch on millions

The renowned company, Automattic, managing the highly-used WordPress CMS, has initiated a forced security patch installation to address a severe vulnerability in the much-loved Jetpack WordPress plug-in. This move is currently affecting millions of websites globally.

A much-needed security solution

Jetpack, a widely favored plugin, enhances the WordPress experience with free security, performance, and site management tools. It offers features such as site backups, protection from brute-force attacks, secure logins, malware scanning, among other benefits.

Data from the official WordPress plugin repository highlights that Automattic maintains the plug-in, which boasts over 5 million active installations currently.

During an internal security audit, Automattic’s Developer Relations Engineer, Jeremy Herve, shared that they discovered a vulnerability within the Jetpack’s API that has been present since version 2.0, launched in 2012. This vulnerability could potentially allow site authors to manipulate any files within the WordPress installation.

Swift action for greater security

Automattic has swiftly responded by rolling out the security patch Jetpack 12.1.1 to all WordPress sites using the plugin. The rollout began today, and it has already reached more than 4,130,000 sites using any Jetpack version since 2.0.

While most vulnerable sites have been auto-updated to the latest secured version, the rest are anticipated to receive the patch soon.

Herve cautions site administrators to ensure their websites’ security, as attackers might exploit the flaw to target unpatched WordPress sites. He stressed that, despite no evidence of the bug being exploited so far, the risk remains and updating to the latest Jetpack version is critical for site security.

Automattic’s history of proactive security measures

This isn’t the first instance of Automattic proactively deploying security updates to mitigate critical issues in WordPress plugins or installations. In fact, WordPress developer Samuel Wood confirmed in October 2020 that this method had been employed numerous times since the release of WordPress 3.7.

We are keen to know what our valued readers think about this development. How do you perceive this forceful patch installation? Do share your thoughts and opinions in the comments section below!

Jetpack Patch

SDN Comments 0 Comments

Comment

HOW TOAll

Related News

Indonesia expects Apple to invest more than 100 million dollars!
Indonesia expects Apple to invest more than 100 million dollars!
Steam Ends Support for Older Windows and macOS Versions
Valve Pulls the Plug!
universe
Our universe may not be the most suitable universe for life!
siri apple
Will the most advanced version of Siri be reserved for iOS 19?

SDN Network

Sihirli Elma Yeşil Robot Tech Inside Pembe Teknoloji Future Flow Life

SDN.net

1250 BORREGAS AVENUE, #40, SUNNYVALE, CA
94089 ShiftDelete.Net LLC

info@shiftdelete.net

Shiftdelete.Net is a member of the Association of Internet Media and IT Reporters.

Desteklio