Six Apart Releases Movable Type 3.16
Six Apart released Movable Type 3.16 encouraging all users to upgrade their systems. The announcement notes that...
This release includes over 100 significant improvements to application security, usability and reliability across the thousands of environments that Movable Type supports.
In her company weblog, Six Apart President Mena Trott says...
About five months ago, as the Movable Type team developed the roadmap for future versions of the product, they also evaluated Movable Type and its core code. A decision was made that, before we added the features on the roadmap, we first needed to step back to address and fix the issues (bugs and oddities) that we already knew about. The community has provided, through bug reports and feedback, a great springboard for this. But we also did something new for the first time — we decided to invest in something more than public beta tests: we hired a professional quality assurance team to discover new bugs.
Responding from to developer inquiries in a message to the ProNet mailing list, Jay Allen, the product manager for MT says...
Our goal with mentioning the security issue the way we did was to make it clear that upgrading is necessary and give people time to do so in advance of publishing the specific details since no exploits exist in the wild currently.
Mind you, we're not trying to cover our tracks. It's a delicate balance between disclosure and exposure for a very large distributed user base with widely varying upgrade cycles.
The new version can be download from the Six Apart here.
