Versions of WordPress from 3.0 up to 3.9.2 were discovered to contain a security vulnerability through the comment features on the site, making a large number of installs and servers vulnerable to attack. The bug was discovered by Jouko Pynnonen of the Finnish IT company Klikki Oy, indicating that the bug went unchecked for more than four years since it was introduced with version 3.0 in June 2010.
Bug could have been exploited to generate a list of every Gmail address
A bug in Gmail could have left every user's email address on the service exposed to collection by outside parties for close to four years. A security researcher from Tel Aviv discovered the bug, which allowed him to collect 37,000 email addresses in as little as two hours with a brute force attack. The bug could allow someone to change a token in a URL, gained from a declining access notification in Gmail's delegation feature, using a script to gather addresses.
Version 11.2.1 corrects accidentally hidden Users folder
On Friday, Apple updated its iTunes application for the second time in as many days, but this time it was to correct a bug apparently introduced in the previous update, which accompanied the release of OS X 10.9.3. The new iTunes 11.2.1 update has the same release notes as the previous version but in fact exists solely to correct an error that hid the "Users" folder, causing consternation among Mavericks upgraders.
First version deleted photos in some cases
Fixing a bug that has gotten widespread coverage in recent days, Apple this afternoon began pushing an iPhoto 9.0.1 update to its Software Update servers in an effort to fix an issue that causes corruption and data loss in the iPhoto Library for some users upgrading from previous versions, along with other issues. The bug affects the version of iPhoto shipped in the iLife '11 retail package.
Group demands $150K per download
Eight music publishers have sued Limewire for copyright infringement. David Israelite, chief executive of the National Music Publishers’ Association, said his organization decided to pursue its claim after record companies won a similar lawsuit last month. The publishing group is claiming damages of $150,000 per download, the same as the record industry sought.