Just upgraded my WordPress installation to WordPress 2.8.5. I am sure that you all know about the new version of WordPress, that has been released with a few security hardening changes before the arrival of WordPress 2.9. The new version of your favorite blogging platform addresses the Trackback Denial-of-Service attack that is currently been seen. WordPress developers highly recommend that you upgrade your installation to this new version, so that you can continue to enjoy blogging and making money online without any security breach.

Important changes in WordPress 2.8.5 include:

• A fix for the Trackback Denial-of-Service attack that is currently being seen.
• Removal of areas within the code where php code in variables was evaluated.
• Switched the file upload functionality to be whitelisted for all users including Admins.
• Retiring of the two importers of Tag data from old plugins.

By the way, what is WordPress Trackback Denial-of-Service attack? It is a security threat created by a vulnerability in wp-trackback.php script. It is reported in WordPress versions prior to 2.8.5. If the vulnerability is present, malicious people may pass multiple source character encodings to the “mb_convert_encoding()” function, which can be used to cause a high CPU load, potentially resulting in a DoS (Denial of Service) attack. The consequences may be sever ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. So, don’t take any chances and upgrade your WordPress installation.