The MT sites I host have been getting hammered with this email spamming flaw that allows arbitrary emails to be sent out from any MT installation. Fortunately I can block it (though bluntly) through mod_security. If you run MT, please delete the comments script until a fix is out. Will link to more information as it’s available. Update: More at TextDrive. Update: Fix available. ¶
Possibly related posts:
- Google Analytics script 40% still use old Google Analytics script. Don’t forget to...
- How P2 Changed Automattic If you haven’t heard of P2 yet, check out this...
- Intense Debate Goes Automattic Some cool news today — Automattic is acquiring Intense Debate....
- MT Pro w/ Comments Movable Type Pro — with Comments! The latest innovation in...
- Awesome Comment Plugins Introducing IntenseDebate Plugins: add the features you want. Now ID...
Matt Mullenweg is one of PC World’s Top 50 People on the Web, Inc.com’s 30 under 30, and Business Week’s 25 Most Influential People on the Web. 
Jay Allen | January 24th, 2005 @ 6:33 pm |
About to release a patch…
Matt | January 24th, 2005 @ 6:36 pm |
That was fast!
Jay Allen | January 24th, 2005 @ 7:32 pm |
The changes are small enough to print on a t-shirt. Look to CafePress soon for all of you bug fix gear.
Pingback: 8 Ways to Sunday
Adam M. | January 24th, 2005 @ 8:29 pm |
This just in:
The patch has been made available in both upgrade and plug-in flavors. The plug-in is compatible with MT 3.x and 2.661, thank God.
(props: Brad Choate, via the TextDrive forums)
Scott Johnson | January 25th, 2005 @ 10:23 am |
It sure was nice to be able to upgrade before the problem ever affected me. The folks at Six Apart are really getting good at this stuff!
Michael Heilemann | January 26th, 2005 @ 10:56 pm |
Then maybe now I can finally get in contact with my SQL server again
Pingback: Binary Bonsai » Archive » Reason for Bonsai Downtime