Given the millions of sites this vulnerability potentially affects, it certainly warrants review and investigation. Here is to hoping WordPress provides a timely patch. In the interim, it is certainly wise to monitor and control the comment posts to any sites you manage running these versions of the CMS.
It is always important to know your enemy, even when that enemy is malicious code looking to wreak havoc and steal data. This article from Tripwire details several of the ways malware evades detection or deletion.
I am spending the week in San Francisco for BSidesSF and RSA and was at a few of these sessions yesterday. The content was strong and well worth the time investment. Not to mention, doughnuts were provided. Enjoy this recap from Tripwire!
Let me begin by saying that Chris Roberts made a couple of bad, though humorous, choices when he decided to tweet in jest about compromising on-board systems on an airplane. That said, the threats he has detailed in his various public and private sessions are legitimate and should be addressed with great haste and vigor. I believe United is largely overreacting to his comments and overstating the capabilities of their in-flight security controls. This is certainly an intriguing conversation to follow in the coming weeks and months.