Site icon David Yin's Blog

Upgrade MovableType 5.13

It is a mandatory security updates. As 6A said:

Movable Type 5.13, 5.07, and 4.38 were released as mandatory security updates. These updates resolve multiple vulnerabilities discovered in Movable Type 5.x and Movable Type 4.x. The vulnerabilities were found as a result of our internal security audit, except the one reported from Trustwave (TWSL2012-002). All users must upgrade to this latest release immediately.

Upgrade process is very simple. Download the tar file, decompress it, copy all files to overwrite the old files.
When log in, it will automatically go to mt-upgrade script.
It also has some new features.
Account and IP Lockout
Account lockout is a feature to protect your Movable Type account from a password-guessing attack known as a brute force attack or a dictionary attack. Movable Type locks out accounts after defined number of incorrect password attempts.
Changing Password Validation Rules
A system administrator can set password validation policies to let users to use stronger passwords.
Stronger Password Encryption


Oh, do not forget to refresh the templates as described here.

Exit mobile version