Timing is everything. I launched this blog on Jan. 11. On about the 15th, some crazy hacker started hitting SEO-related blogs, using a security vulnerability discovered in the WordPress blog software. Just my luck. The story of my life.
Fortunately, the good folks at WordPress popped out an update right quick to fix the vulnerability. I installed the update here yesterday, as well as on the WordPress-based sites belonging to clients, and none of us was hurt. A lot of the really big names in SEO were hit, though, because the hacker went after them first. Us little fishies had warnings so that we could update in time.
Okay, now look at that timeline. On the 15th, the hacking started. On the 16th, I applied the patch to WordPress sites. One of the really terrific things about open source software is that it gets maintained by people who care passionately about it. The WordPress programmers have pride in their work, and they weren't about to leave WordPress open to this sort of maliciousness a minute longer than they had to.
So why does Microsoft often take months to push out security patches?