WordPress installations received a security upgrade on Friday to patch a number of vulnerabilities. The update to version 3.3.2, as well as 3.4 Beta 3, fixes issues in file uploaders Plupload and SWFUpload, and Adobe Flash embedding tool SWFObject. The new version also comes with fixes for several privilege escalation and cross-site scripting bugs. Cyber criminals heavily use vulnerable WordPress sites to spread malware, and they may have been utilized in the recent Flashback trojan attacks on Mac OS X systems.
Legislation seeking to address open source software risks in government has been introduced by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, according to The Record, a news site by cybersecurity firm Recorded Future.