The development team of popular open-source blog-software Wordpress just released the security update 2.6.2. It is highly recommended to install the update to eliminate some security issues within the Wordpress installation – especially for blogs with open registration.

The update fixes a security issue caused by the weak implementation of the php function mt_rand() in many popular php-distributions. The function is used for seeding the random number generator. It also addresses the security risk of MySQL and SQL column truncation vulnerabilities. Stefan Esser reported both security-issues which are probably relevant to a lot of other php-based open-source projects. Thanks, Stefan!

Beside the fix of security issues, the Wordpress version 2.6.2 also implements some minor bugfixes. Therefor the upgrade to the newest version of WP is highly recommendet to everybody using Wordpress.