ExpressionEngine 1.6.4 Maintenance and Security Release

Development of 2.0 is still in full swing, and we know everyone is looking forward to the new version, but we are still committed to keeping 1.x best in class, and keeping our high standards for quality and security.  With that in mind, we are today releasing ExpressionEngine version 1.6.4, a maintenance and security release that is recommended for all users.

Primarily, 1.6.4 brings a number of bug fixes and performance enhancements, continuing to improve and refine existing features.  As always, the details of these changes can be found in the Change Log.

Additionally, with the assistance of a dedicated CodeIgniter user, Pascal Kriete, the development team has identified and fixed a potential cross-site scripting vulnerability.  No sites are known to have been affected, and the circumstances required to successfully execute an exploit on a live ExpressionEngine installation are quite uncommon.  However, it is still a possibility, and therefore this update is recommended for all users.