« Good Morning Alarmists | Main | A hooker with a badge of gold »

Blogs Are Inviting Targets

Attention bloggers! If you have a blog that runs Movable Type software there is a critical update that you need to install immediately.

Today we released a mandatory security update for Movable Type and Movable Type Enterprise to resolve a number of cross-site scripting vulnerabilities. To make updating your system easier, we are providing patch distributions for Movable Type versions 3.32 and Movable Type 3.2 containing only the files which have changed.

As one of the first to report this issue (which Movable Type maker Six Apart was already working to resolve), I can assure you of its seriousness. Six Apart has asked that I (and others) sit on the details of the vulnerabilities for a few days until their customers have a chance to apply the patch or upgrade. It's important to note that versions prior to version 3.2 are, in certain instances, vulnerable and upgrading to the latest version is strongly recommended.


TrackBack

Listed below are links to weblogs that reference Blogs Are Inviting Targets:

» dustbury.com linked with Patches, I'm depending on you

Comments (3)

Thanks for the heads up! I... (Below threshold)

Thanks for the heads up! I'm running MT 3.2 for my blogs presently, and was blissfully unaware of the impending doom.

The patch installs pretty easily, even though there are no instructions with it ...

Well ... make that 3.33 now... (Below threshold)

Well ... make that 3.33 now.

One of the things I absolutely love about Movabletype is how simple upgrades and installs are. I had my 3.21 upgraded to 3.33 in about 15 minutes including downloading the tarball, reading the changelog and upgrade guide, to finishing the upgrade.

Now I'm off to play with the widgets.

I'm still on MT 2.661; I'm ... (Below threshold)

I'm still on MT 2.661; I'm worried that upgrading from 2.661 to 3.33 will be a weekend-long task, and I'll have to cancel other planned activities.




Advertisements









rightads.gif

beltwaybloggers.gif

insiderslogo.jpg

mba_blue.gif

Follow Wizbang

Follow Wizbang on FacebookFollow Wizbang on TwitterSubscribe to Wizbang feedWizbang Mobile

Contact

Send e-mail tips to us:

[email protected]

Fresh Links

Credits

Section Editor: Maggie Whitton

Editors: Jay Tea, Lorie Byrd, Kim Priestap, DJ Drummond, Michael Laprarie, Baron Von Ottomatic, Shawn Mallow, Rick, Dan Karipides, Michael Avitablile, Charlie Quidnunc, Steve Schippert

Emeritus: Paul, Mary Katherine Ham, Jim Addison, Alexander K. McClure, Cassy Fiano, Bill Jempty, John Stansbury, Rob Port

In Memorium: HughS

All original content copyright © 2003-2010 by Wizbang®, LLC. All rights reserved. Wizbang® is a registered service mark.

Powered by Movable Type Pro 4.361

Hosting by ServInt

Ratings on this site are powered by the Ajax Ratings Pro plugin for Movable Type.

Search on this site is powered by the FastSearch plugin for Movable Type.

Blogrolls on this site are powered by the MT-Blogroll.

Temporary site design is based on Cutline and Cutline for MT. Graphics by Apothegm Designs.

Author Login



Terms Of Service

DCMA Compliance Notice

Privacy Policy