UPDATE: WordPress 2.6.5 has been released. This is still no legitimate version 2.6.4 and there never will be.
As of the time of this post, there is no such thing as WordPress 2.6.4. There also likely never will be as 2.7 will be the next version of WordPress assuming no emergency security fixes are needed before it comes out.
If you “upgraded” to “2.6.4”, then you have installed a fake trojan version (full description is here and here), you should delete your wp-admin
and wp-includes
folders and replace them with fresh copies downloaded from WordPress.org, the official site. If you have a recent database backup from before you upgraded, I would also advise dumping your database and using that backup just to be safe. You should also of course change all of your WordPress user account passwords.
Please be smart when it comes to WordPress! Because it’s so immensely popular, it has become the target of spoofers and hackers. Always type in the URL to the official site (rather than using a link and not paying attention) if you are trying to download the latest version.
Pingback: WordPress Wednesday News: WordPress 2.7 Beta 2, Danger WordPress Faker, and More WordCamps | The Blog Herald
Pingback: Warning: Fake WordPress Malicious Site « Lorelle on WordPress
Thanks for the warning 🙂
Pingback: Beware of this fake WordPress malicious site! « Bloguear por bloguear…
Pingback: WordCast 35: Typing with Whisks | WordCast - The web's best podcast on WordPress and blogging
Looks like the folks at wordpress have decided to skip wordpress 2.6.4 and go straight to 2.6.5 which was just released today due to security and other bug fixes. you can read the full post and get the new version on the wordpress.org site. http://www.wordpress.org
read the blog here: http://wordpress.org/development/2008/11/wordpress-265/
it’s sad that it’s come to this for the open source world. That programs such as wordpress become targets for hackers.
Brandon
Pingback: WordPress 2.6.5 - Security and Bug Fix Released | (Anti) Social Development
Pingback: Episode 48: WordPress 2.6.5 released, Mark Jaquith on 2.7, WordPress Direct controversy - The WordPress Community
Pingback: WordPress News: WordPress 2.7 Out on WordPress.com, WordPress 2.7 News, WordCamps, WordPress Plugins and Themes Updated | The Blog Herald
Pingback: Blog Herald WordPress News: WordPress Scholarship, 800,000 WordPress 2.7 Downloads, XML-RPC Problem, and Top Plugin Authors « Lorelle on WordPress
Pingback: Downadup Spreads - Infects 1 in 16 PCs | The Blog Herald
That’s why it’s always a good idea to update from the WordPress site itself, luckily for us the new versions allow for us to auto-update without downloading, uploading and installing the mods on our own. Good looking out, a simple google search returns many sites running the ‘trojan’d’ 2.6.4 version…