April 14, 2015
Movable Type 6.0.8 and 5.2.13 released to close security vulnerability
We are releasing Movable Type 6.0.8 and 5.2.13 as mandatory security updates. These updates resolved security-related issue discovered in all previous versions of Movable Type 6 and Movable Type 5. We strongly recommend upgrading to the newest version. Details of the security updates In previous versions, including the Movable Type 6.0.6 and 5.2.11 are susceptible to Remote Code Execution vulnerability. It allows an attacker is able to run any perl script on the web server. (CVE-2015-0845) Affected versions of Movable Type Movable Type Pro 6.0.x Movable Type Pro 5.2.x Movable Type Open Source (MTOS) 5.2.x Movable Type Advanced 6.0.x, 5.2.x Steps required to close the security vulneravilities Please upgrade to the latest versions of Movable Type: Movable Type Pro 6.0.8 Movable Type Pro 5.2.13 Movable Type Open Source 5.2.13 Movable Type Advanced 6.0.8 Movable Type Advanced 5.2.13 Versions that are not affected Movable Type Pro 6.1.1 Movable Type Advanced 6.1.1 Movable Type 6.1.1 is already solved this issue. Warnings Movable Type 5.0x and 5.1x has reached End of Life and is no longer supported. For users that are running any version of 5.0x and 5.1x, please upgrade to Movable Type 5.2.13, which is available at no additional charge to paid…
February 11, 2015
Movable Type 6.0.7 and 5.2.12 released to close security vulnerability
We are releasing Movable Type 6.0.7 and 5.2.12 as mandatory security updates. These updates resolved security-related issue discovered in all previous versions of Movable Type 6 and Movable Type 5. We strongly recommend upgrading to a modified version.
May 15, 2014
Securing Movable Type
Data security is an increasingly important topic, and while Movable Type has a strong track record, there are steps you can take to harden your system.
To make this as straightforward as possible, we created the document “Securing Movable Type” to gather some important strategies in one place. Please review it and consider how you or your organization can improve security.
November 15, 2013
Movable Type 6.0.1, 5.2.9, and 5.161 Released to Close Security Vulnerabilities
We are releasing Movable Type 6.0.1, 5.2.9, and 5.161 as mandatory security updates. These updates resolve multiple security-related issues discovered in all previous versions of Movable Type 6 and Movable Type 5.
June 8, 2011
Movable Type 5.11 and 5.051, 4.361 Security Updates
Movable Type 5.11, 5.051, 4.361 were released as mandatory security updates. These updates resolve multiple vulnerabilities discovered in Movable Type 5.x and Movable Type 4.x. All users must upgrade to this latest release immediately. The impact of the vulnerabilities A remote attacker could create, read or modify the contents in the system under certain circumstances. Versions Affected Movable Type Open Source 4.x Movable Type Open Source 5.x Movable Type 4.x ( with Professional Pack, Community Pack ) Movable Type 5.x ( with Professional Pack, Community Pack ) Movable Type Enterprise 4.x Solution Please upgrade to the latest versions of Movable Type 4 or Movable Type 5. Movable Type Open Source 4.361 Movable Type Open Source 5.051 Movable Type Open Source 5.11 Movable Type 4.361( with Professional Pack, Community Pack) Movable Type 5.051( with Professional Pack, Community Pack) Movable Type 5.11( with Professional Pack, Community Pack) Movable Type Enterprise 4.361 Movable Type Advanced 5.11 Download Download Movable Type Open Source Download Movable Type Pro Download other packages (including MT5.051) (What is the difference?) Installation/upgrade instructions Installation guide Upgrade guide New features and fixed issues Please see the release notes for new features and fixed issues in Movable Type 5.11, 5.051,…
May 11, 2010
Movable Type 5.02
Movable Type 5.02 was released by Six Apart today. This is strictly a bugfix release without new features. It contains fixes for a number of issues including one security vulnerability. It is highly recommended that all users of Movable Type 5.x upgrade their installations, especially the ones with multiple users. Details about the issues that were fixed can be found in the release notes. You may note that the release notes are unusually long this time: the focus of this release was on fixing as many bugs and issues as possible before working on new features for the coming releases (we will tell you more about these soon). We would like to thank everybody in the Movable Type community who submitted bug reports, feature requests and other feedback. Your efforts have made this release possible! Downloads Download Movable Type (Open Source) Download Movable Type Pro (What is the difference?) Installation/upgrade instructions Installation guide Upgrade guide Note: if you purchased a Movable Type license you can also purchase our installation or upgrade service and have all the work done by our excellent support team. Found a bug? Need a feature? To avoid duplication of efforts, search existing bugs or feature requests…
December 3, 2008
MT 4.23 is now out
In case you missed the announcement post on mt.com, yesterday evening we released Movable Type 4.23. Much thanks to the community members who submitted bug reports and code patches that contributed to this release. More details can be found on the change log, or you can just use the following direct download links to get MTOS 4.23:MTOS-4.23-en.tar.gzMTOS-4.23-en.zipPlease note that this is a mandatory security upgrade due to the fixes for XSS vulnerabilities that it includes….
August 8, 2008
Movable Type 4.2 RC5 and Security Updates
We’ve mentioned it on the Movable Type product site, but we’re proud that MT has a history of being one of the most secure publishing platforms around. So a big part of our effort in creating Movable Type 4.2 has been around ensuring that it’s our most secure release ever. And along the way, we’ve made some changes that will even improve security for older versions of MT. Today we release Movable Type 4.2 Release Candidate 5, the last planned release candidate for this version of Movable Type before its final release, and the culmination of the largest security evaluation effort ever for our platform, and possibly for any installable blogging platform. The diligent work of our team, joined by community contributors around the world, has found a few areas where we’ve been able to make Movable Type even more secure. In the case of Movable Type 4.2, that means its forthcoming final release will be the most secure version of MT ever. In the case of earlier releases, it means we’ll be providing updates to remedy these potential security vulnerabilities. It’s important to note that there are no known exploits of these issues, but we’ve chosen to preemptively address…
June 20, 2008
Movable Type Security Update for 4.0 and 4.1