十一月
7
2008

WordPress 2.6.4會被植入木馬

我剛剛收到mcafee的通知信件,信件的標題是:Avert Labs Low-Profiled Threat Notice: PHP/WPTrojan.b 阿維雜記本不是使用WordPress,但是我還是貼出來提醒一下還沒升級WordPress的朋友盡快升級。

信件內容如下:
Notice
This is a Low-Profiled Threat Notice for PHP/WPTrojan.b

Justification
PHP/WPTrojan.b has been deemed Low-Profiled due to media attention at http://www.theregister.co.uk/2008/11/06/trojanised_wordpress/.

PHP/WPTrojan.b is referred to as the "WPHack-A Trojan", in the article at theregister.co.uk.

Read About It
Information about PHP/WPTrojan.b is located on VIL at: http://vil.nai.com/vil/content/v_153363.htm
(這個網頁中說明了WordPress 2.6.4中的pluggable.php會被感染)

Detection
PHP/WPTrojan.b was first discovered on November 7, 2008 and detection will be added to the 5427 dat files (Release Date: November 07, 2008).

To stay updated and protected download the latest dat files from http://www.mcafee.com/us/downloads/index.html

If you suspect you have PHP/WPTrojan.b, please submit a sample to http://www.webimmune.net

Comments are closed.