Users of WordPress blogging software have been targeted by malware that can insert other malware and spam into blog entries.
However, all victims of the malware are using an outdated version of WordPress blogging software with known vulnerabilties.
WordPress founder Matt Mullenweg said in a blog posting that the only way to keep blogs secure is to keep software up-to-date.
"Upgrading is taking your vitamins; fixing a hack is open heart surgery. (This is true of cost, as well.)" he wrote.
According to Mullenweg, the current 2.8.4 and preceding version of WordPress are immune to the malware, which has been targeting users since mid-August.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The malware affects only users who host their own WordPress blog. Blogs hosted on WordPress.com are unaffected.
"If we find something broken, we'll release a fix. Please upgrade, it's the only way we can help each other," said Mullenweg.
WordPress has posted guidelines on its website for users who suspect they have been targeted.