That’s a catchy title. Keeping up with the versions of any software that you have installed is almost always a good thing. If you have any WordPress version pre-<insert-latest-version-here> then you should upgrade.
To me, open source software is best if only for one reason: vulnerabilities get discussed openly and often fixed very quickly. Open discussion is not a bad thing; people who exploit software on the Internet have their own forums too.
There is currently some hacks going on involved with older versions of WordPress. I am sure the details will come out but for now the remediation is upgrade to the latest version.
That’s not unreasonable. WordPress is not a paid software company (spare me the comments about Automattic, that’s a service company and the service they provide is the blog hosting) and there are no SLA or support contracts on a specific version of WordPress. Why should developers maintain multiple version trees of the software? That was tried with the 2.0.x release for Debian reasons but that didn’t work out.
Using software on the Internet is a game of keeping up with the Joneses and being responsible. Your hacked server is not just hurting you, it’s making the whole neighborhood look bad and ruining it for everyone else.
So Upgrade or Die. Keep your software current.
Update: This is a fun read on the WordPress support forums. Most of the hacked/security threads turn into real name calling entertainment which in turn targets people who are trying to help them. Here’s how it works: someone gives solid practical advice, and someone else complains that their feelings were hurt. Name calling ensues.
Sad to say, but some people believe that free open source software means that the community must keep them safe from their own laziness ignorance stupidity inability to manage their own installations.
Sometimes a site gets hacked regardless of best effort. It happens and you deal with it. But these end users who don’t do what they need to? They continue to hang out in Darwin’s waiting room.
