Not a developer? Go to MovableType.com

News

MOVABLE TYPE 6.2.6 AND 6.1.3 RELEASED TO CLOSE SECURITY VULNERABILITY

By Yuji Takayama
Posted June 22, 2016, in MT Newsbox.

We are releasing Movable Type 6.2.6 and 6.1.3 as mandatory security updates. These updates resolve security-related issues discovered in all previous versions of Movable Type 6. We highly recommend upgrading to the latest version.

Please see Securing Movable Type for additional steps to protect your installation.

DETAILS OF THE SECURITY UPDATES

Previous versions, including Movable Type 6.2.4 and 6.1.2, are susceptible to SQL injection attacks via XML-RPC interface.

AFFECTED VERSIONS OF MOVABLE TYPE

  • Movable Type Pro 6.0.x, 6.1.x, 6.2.x
  • Movable Type Advanced 6.0.x, 6.1.x, 6.2.x

STEPS REQUIRED TO CLOSE THE SECURITY VULNERABILITIES

Please upgrade to the latest versions of Movable Type:

  • Movable Type Pro 6.2.6
  • Movable Type Pro 6.1.3
  • Movable Type Advanced 6.2.6
  • Movable Type Advanced 6.1.3

RELEASE NOTES

Please review the Movable Type release notes to see everything that was added and improved since the version you are currently using. Also, review the known issues sections in case there are items of which you should be aware before upgrading.

DOWNLOAD

If you have an existing Movable Type 6 license, you can download the latest Movable Type from our download portal using your Six Apart ID.

To purchase a new license or an upgrade, please visit MovableType.com for more information, or feel free to contact us if you have any questions.

Back

Leave a Comment

Yuji Takayama

Yuji is the Movable Type Lead Engineer and Senior Product Manager. I’m worked on Six Apart from 2006.

Twitter: @yuji