A Bug in WordPress Update Disables Auto-Update Functionality

ITS Advisory Number: 
2018-019
Date(s) Issued: 
Thursday, February 8, 2018
Subject: 
A Bug in WordPress Update Disables Auto-Update Functionality
Overview: 

A bug has been discovered in WordPress 4.9.3 that disables the auto-update functionality. WordPress is an open source content management system (CMS) for websites. 

Systems Affected: 

WordPress 4.9.3 

RISK
GOVERNMENT
Large and medium government entities: 
High
Small government entities: 
Medium
BUSINESS
Large and medium business entities: 
High
Small business entities: 
Medium
Home Users: 
Low
Description: 

A bug has been discovered in WordPress 4.9.3 that disables the auto-update functionality. This bug was discovered after the release of WordPress 4.9.3.

Note: In order for WordPress to automatically receive future security updates, version 4.9.4 will need to be installed manually.

 

Actions: 
  • After appropriate testing, apply appropriate updates provided by WordPress manually to all affected sysytems.
  • Apply the Principle of Least Privilege to all systems and services.