If you're an Movable Type user who bothers to keep their software up to date, you're probably already on top of this.

But just in case you were away from the holiday weekend and behind on your reading, your MT installation comes with a CGI script that can be exploited to let anyone send arbitrary email from your server.

The official patch is available, if you don't want to just delete the file in question.

This blog is no longer active, and comments have been disabled.