It's time again for our regular patch release and this time we've added some improvements to back office security.
As part of a security audit done by a Umbraco Confidence customer and independent security company MWR Labs we made some updates to the core to prevent that an authenticated Umbraco user would be able to access certain edit screens in sections of Umbraco that the User hadn't been granted access for.
Don't be scared, the risk of these security issues being exploited is very low.
Other than that, this is a pretty small patch release for both v4 and v6. There's of course bug fixes and and you should see improvements in bulk publishing (more improvements to come soon).
For a full list of changes:
The releases are now available on CodePlex and on NuGet (6.0.4 & 4.11.7), enjoy!