MT 3.15 bug fix

Six Apart just released a bug fix to Movable Type, to plug a quite serious "vulnerability in the mail sending packages for all Movable Type versions which allows malicious users to send email through the application to any number of arbitrary users" (read: that can be used by spammers to send e-mail spam from an MT installation.)

An exploit was reported yesterday on the Six Apart Professional Network and 6A got a patch out overnight! Kudos to them.

Since this vulnerability has been present in all versions since 1.0, all MT users are strongly encouraged to either upgrade to version 3.15 or install a plugin that fixes it (see the announcement and instructions.)

1 Comment

And my host, TextDrive, has been hit by a massive attack from spammers today. No coïncidence, you must update asap!

mensuelles Archives

Recent Entries

  • Steve Jobs

    "Remembering that I’ll be dead soon is the most important tool I’ve ever encountered to help me make the big choices in life. Because...

  • Your privacy on MOTOBLUR by Motorola

    After the Nokia Ovi Store carelessness, it's now Motorola who's allowing strangers to get access to your private information on their MOTOBLUR portal. Exactly like...

  • How to resume a broken ADC download

    (I'm documenting this trick for myself to remember, but it can be useful for others…) Apple, on its Apple Developer Connection site, has a bad...

  • WTF is this ‘myEventWatcherDiv’ doing in my web?

    All of a sudden I started to find the following line in most of the web pages I was browsing, including ones I made where...

  • Your privacy on Nokia Ovi Store

    My friend Adam Greenfield recently complained about the over-engineering culture at Nokia: I was given an NFC phone, and told to tap it against the...