The geeks over at WordPress did it again! Yes, another update to secure the safety of all mankind. I recently updated this blog and I didn’t a single new thing at all. I presume that for hard core users and those who were really concerned about the security of their blogs, this update is heaven sent. But for a hoi polloi like me, this means nothing.

I found out that this update has something to do with the loophole in your WordPress login form. Below is the statement from WordPress.org

A specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

If you don’t want someone to reset your password and if you don’t want to be annoyed about it, upgrade now to WordPress 2.8.4! Hurrah!