MT - Important Security Patch

MT - Important Security Patch

Posted by: Anonymous
Posted on: 2005-01-27 08:01:00

A security upgrade for Movable Type has just been made available that closes a hole that allowed spoofed mailing through its mail system.

This is in addition to the recent "Google patch" to modify external links in comments so that search-bots ignore them.

The two patches combined will reduce mis-use of your blog.

More info below.

----------------------------------
OVERVIEW

This plugin closes a vulnerability in Movable Type's mail subsystem. The vulnerability has been exploited to send mail to an arbitrary email address; it is no longer possible to add mail headers to an outgoing mail in this way.
All Movable Type users should install this plugin or upgrade to version 3.15.

http://www.movabletype.org/news/2005/01/movable_type_315_release.shtml


Tags: mail headersoutgoing mailmail systemsend mailmovable typegoogleemailvulnerabilityhttpexploitedarbitraryshtmlpatchesmisblog