Er… did someone pwn my WP dashboard?

So, I logged into WP to write a blog post and found this floating at the top of the dashboard…

D00d ur browser is old and skanky. Upgrade now.I’m like, “Que?” Has WP been owned? What is “Browse happy?” Hmm.

<BASILFAWLTY>

Yes, yes. I know I’ve not put the latest and greatest Firefox on just yet. It’s in the list of things to do, awaiting sufficient round tuits. I don’t want to have to break off what I’m doing right now to lose all my browser windows during an upgrade. I’m trying to do stuff, can’t you see?

</BASILFAWLTY>

Oh damn. You’ve made me break off and write this thing anyway…

It looks like some pop-up that a naive user would click on, and subsequently get their machine owned. Well, okay, it’s not got terrible grammar or spelling, but despite it being a legitimate campaign, it looks not unlike something that miscreants would use to spread malware.

It’s a laudable effort to keep folks browsers up to date, but should someone as responsible as widely used as WP be encouraging users to click on “Install this now” links, and using the “You’re X is out of date!” statements, so commonly used by malware droppers?

I don’t think it’s necessary.

This also links very nicely with an article that I’m writing (or at least, trying to!) about poorly considered impacts of UI changes.