For those of you who choose to self host your WordPress blogs, you probably have been noticing security updates for your blog (or CMS site) asking you to update your blog to version 3.0.x over the past few weeks.
While many users usually ignore these warnings (for a variety of reasons), the WordPress founder (Matt Mullenweg) is asking users to update their blogs to version 3.0.4 in order to avoid your blog succumbing to the hands of hackers.
Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”
I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well. (WordPress News)
For those of you blogging upon WordPress only hosting sites like Page.ly, PressHarbor and WPEngine, your sites should automatically be updated to the latest version (note: VaultPress Premium users should also be safe, but it’s always a good idea to update your blogs anyways).
However if you are unable to access your blog it might be a good idea to contact your host (or a trusted friend) to see if they will update your blog on your behalf.
Security guru’s can take a look at the changes over here, although all self hosting WordPress users should update their blogs as soon as possible, as the last thing you want to see in 2011 is your blog compromised by a nefarious hacker.
Image Credit: Norebbo