Recently a serious security patch was released for a library that is used in WordPress core. Not a WordPress specific library, but one that is used in many web applications. WordPress released this update and it was automatically applied to all WordPress sites that allow automatic updates. This feature has been a feature of WordPress since 3.7, and it applies to any site with that feature turned on, not just the latest version of WordPress. These are on by default unless you explicitly disabled them in or you have disabled wp-cron.
If you are using a version of WordPress earlier than 3.7, or some other web based application/CMS that is far out of date, consider updating to a newer option. We love WordPress because it is so easy to keep it up to date and secure – it literally does all the work!
These updates run on wp-cron, so if that is disabled, you’ll need to have an external cron job set up. You should even consider setting up a cron job anyway to check for these updates on a specific schedule ( i.e. hourly or daily ) so if they are applied even quicker.
Keeping your website up to date not only keeps your data safe from being hacked, but it also protects your customers, users, and visitors safe from vulnerabilities. It can also protect your brand from embarrassing issues that could hurt your business.
Remember: You are only as strong as your weakest link! There are lots of parts to web security that could be lacking, so take care and make sure to keep your software up to date. Or let WordPress keep it up to date for you!