MovableType Comment Vulnerability | January 26, 2005
Apparently a large vulnerability in the way Movable-Type handles comments has just been found. This vulnerability allows spammers to use your MT comment script to send unsolicited email, and servers all over the world are feeling the brunt. To stem the flow many hosts (including my own) have shut down commenting for the time being. There is a patch available in the form of an MT Plugin, so I advise all you MT owners out there to grab it now.
Unfortunately most people are slow to upgrade and I’m guessing my hosts won’t be turning comments back on in a hurry. As such, I’m wondering if this could be the tipping point that causes a mass defection to other systems such as Textpattern, Wordpress or Expression Engine. I know I’ve been thinking of changing systems for a while so this may be the push I need.
Posted at January 26, 2005 11:38 PM