Bloggers Fail to Upgrade, Risk Attacks

A SecurityFocus report tells of bloggers using the popular WordPress blogging software being vulnerable to attacks and infections because they fail to upgrade their WordPress installations. Security analyst David Kierznowski mentioned a couple of reasons why bloggers haven’t upgraded to the latest version:

• A lot of bloggers are not technical, and therefore, do not fully understand the reasons behind upgrading their software.
• A lot of users do not want to upgrade because their favorite plugins would fail.

The report further mentions that more than 90,000 URLs host links to malicious software based on a list maintained by StopBadware.

It’s also worth noting that a lot of bloggers resist to immediately upgrade because of the risk of losing relevant data. It isn’t enough to back up a database. Formatting and other back-end problems could also occur due to an upgrade. This would then lead to another problem- support. A certain blogging software may have a large user base, but those who have immediately upgraded risked getting stuck in a situation wherein their blog isn’t working and at the same time waiting for someone to respond to their problems in the support forums. For many, they would rather wait for a few days and then decide for themselves if it’s already worth upgrading to a new version.

There was one classic example that I’ve witnessed a week ago at the WordPress Support forums. Those who’ve upgraded early to the latest 2.2 version have had problems with htaccess permisions and MySQL memory usage inconsistencies. One user was asking why he had MySQL errors when in fact he properly followed the instructions at the Codex page on upgrading to the latest version. A moderator responded and advised the user to consult his Web host administrator. Isn’t it frustrating to get a somewhat dead-end answer?

It’s definitely a good thing to upgrade. I’m enthusiastic about upgrading my software too. It’s just that a few obstacles could occur along the upgrade process and this is what hinders those who would want to upgrade. Nevertheless, as the old adage goes, better late than never.

A new design of Project Afterlight is on the way and it will be based on the new WordPress 2.2 version. I hope you like it.

This entry was posted on Friday, May 25th, 2007 at 8:35 and is filed under Web News. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.