A security threat has been found in the automatic update feature of WordPress with net-security.org alleging that over 1’000+ WordPress powered websites have been affected thus far due to the vulnerability. Affected sites are said to redirect the visitor to affiliate, malware, pay-per-click re-directors, and low quality PPC search result aggregators.
WordPress v3.4.2 which is a maintenance and security release has been released to the public for download a few days ago. WordPress 3.4.2 fixes a few security issues and contains some security hardening. The vulnerabilities included potential privilege escalation and a bug that affects multisite installs with untrusted users. These issues were discovered and fixed by the WordPress security team.
A quick easy way to increase your WordPress sites security is to enable 2 step authentication in WordPress Google authenticator app using a free plugin for WordPress to introduce this functionality to your site.
By using WordPress Google authenticator it enables a 2 step login process on your WordPress site generating a unique code on a iOS or Android smartphone app to be used in conjunction with a users password when logging into your site.
There are several other services that allow for 2 step login authentication other than Google with one of the most popular alternatives being Duo Security, In this particular tutorial I will be focusing on the WordPress Google authenticator plugin and app which I personally prefer as a single app to use across all my WordPress installs along with many others site too.