Andrew Nacin, lead developer of WordPress, just finished a talk at Loopconf, where he talked about a series of related WordPress security fixes that spanned two years, with the final fix included into WordPress core under the guise of Emoji support.

Post Status has a good look at some of the really deep security work that has been going on in WordPress lately. There will always be more problems, but we’re getting to the point where the problems (and the fixes) are often quite subtle.

2 thoughts on “Trojan Emoji