Wordpress update message from Google

Selected answers from the Dumb SEO Questions Facebook & G+ community.

• 
  Alan Bleiweiss: They recently started sending these out - I think the 1st one I saw was a month ago.
• 
  Webado C Webada: I have not received any because I am fast with all updates but I have read forum posts from others.
• 
  Steve Gerencser: I remember them doing that around the 3.0 switch as well. Apparent;y there was a largish security issue that was causing them to push people to upgrade.
• 
  Neil Cheesman: Is there an emoji for blowing a raspberry? ;)
• 
  William Rock: I did find a current Google Webmaster Help Forum post about the same topic ... time stamp this afternoon 4:03pm @ https://productforums.google.com/forum/#!topic/webmasters/CEuQL3wTdgQ
• 
  William Rock: Here is another post to follow @ https://productforums.google.com/forum/#!topic/webmasters/xazBzzFEN-8;context-place=forum/webmasters
• 
  Webado C Webada: Well probably Google ran the scan a little while ago before you`d updated. Even just maybe a day before. I update within minutes of getting the notification from Wordfence. It`s a PITA but one of my sites was hacked before because I waited 2-3 days to update (I was out of town without my own laptop).
• 
  William Rock: on more @ https://productforums.google.com/forum/#!topic/webmasters/HFSqFKFBNKk;context-place=forum/webmasters
• 
  Webado C Webada: I do wonder where it finds version information since it`s not in the source code.
• 
  Casey Markee: I received several today. A LOT of these are false positives. For example, I got two of them for sites that are already running 4.7.2. Make sure you educate your clients.
• 
  William Rock: you can also use this tool to check for vulnerabilities & version @ https://sitecheck.sucuri.net/
• 
  Neil Cheesman: I have 5 references to 4.7.2 in source code... inc emoji, dashicons...
• 
  William Rock: Here is what the Message looks like
• 
  William Rock: as for Google figuring out what version you are running that is easy @ https://builtwith.com/
• 
  Neil Cheesman: Probably the russians...
• 
  Neil Cheesman: to reiterate - it seems it is within the source code... ie.. I have 5 references to 4.7.2 in source code...
• 
  Webado C Webada: Aha sucuri finds Wordpress Version 4.7.1 based on: /wp-admin/js/editor-expand.js . No idea what that does. Weird. I know I`ve got 4.7.2 - my dashboard says I do. I say I do LOL
• 
  Neil Cheesman: Just checked another domain and that actually has "" (not the domain where I received the message)
• 
  William Rock: This is what I see in the code for one of the sites that received that message =
• 
  William Rock: I am looking at the site I showed an example for to see if the code is there as well :)
• 
  Webado C Webada: Hmm, maybe I don`t have it because I use Wordfence to remove visible references to version.
• 
  Webado C Webada: I have no references at all to 4.7.2 in the source code. Nor any other version of core WP. Some of the plugins, yes.
• 
  William Rock: Wordfence is a great tool and normally notifies you if things are out of date :)
• 
  Neil Cheesman: and a second domain with the same... "" - Must be within the theme...
• 
  William Rock: I think I see why Google may have sent out the messages Ford WordPress @ http://www.zdnet.com/article/wordpress-patches-critical-xss-sql-injection-bugs/#ftag=CAD-00-10aag7e