Zeke Weeks

Web Developer & Consultant




Important security note for WordPress users

There’s a vulnerability in timthumb.php, an image manipulation script bundled with some WordPress themes and plugins. This applies to self-hosted WordPress sites, not WordPress.com.

If you have shell access to your web server, go to your web root directory and run:

find . -name timthumb.php

(If you can’t do it through the shell, check your hosting control panel’s file manager for a search function or ask your host to run the search for you.)

If you find timthumb on your server, figure out what plugins/themes use it and delete them for now. (I found that WP Featured Content Slider and Featured Post with thumbnail are among the affected plugins.) If removal isn’t an option, get a developer who knows their way around WordPress to safely delete the timthumb library without breaking the rest of your site.
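To see which plugin or theme each copy belongs to, the script below groups the search results by owning directory; it is an added example, not part of the original post. It assumes the default WordPress layout (wp-content/plugins/<name>/ and wp-content/themes/<name>/), and the directory names in `make_sample_tree` are constructed for illustration.

```shell
#!/bin/sh
# Added example: map each timthumb.php under a web root to its plugin or theme.
# Assumes the default WordPress layout wp-content/{plugins,themes}/<name>/...

# Print one tab-separated line per hit: kind, owning directory name, full path.
timthumb_owners() {
    root="${1:-.}"
    find "$root" -type f -name timthumb.php 2>/dev/null | LC_ALL=C sort |
    while IFS= read -r path; do
        case "$path" in
            */wp-content/plugins/*)
                rest="${path#*/wp-content/plugins/}"
                printf 'plugin\t%s\t%s\n' "${rest%%/*}" "$path" ;;
            */wp-content/themes/*)
                rest="${path#*/wp-content/themes/}"
                printf 'theme\t%s\t%s\n' "${rest%%/*}" "$path" ;;
            *)
                # Stray copy outside wp-content (backup, old install, upload)
                printf 'other\t-\t%s\n' "$path" ;;
        esac
    done
}

# Build a constructed sample tree (made-up names) and print its location.
make_sample_tree() {
    t="$(mktemp -d)"
    mkdir -p "$t/wp-content/plugins/example-slider/scripts" \
             "$t/wp-content/plugins/clean-plugin" \
             "$t/wp-content/themes/example-theme" "$t/old"
    : > "$t/wp-content/plugins/example-slider/scripts/timthumb.php"
    : > "$t/wp-content/plugins/clean-plugin/main.php"
    : > "$t/wp-content/themes/example-theme/timthumb.php"
    : > "$t/old/timthumb.php"
    printf '%s\n' "$t"
}

# Usage: sh timthumb_owners.sh /path/to/webroot
if [ "$#" -gt 0 ]; then
    timthumb_owners "$1"
fi
```

Hits reported as `other` sit outside wp-content and are easy to miss when reviewing only the active plugins and themes.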

Find full technical details at Zero Day Vulnerability in many WordPress Themes | mm.

August 2, 2011
security, timthumb, wordpress
Technophilia
