We are pleased to announce the release of ExpressionEngine 1.6.2 ”Deja Vu”, available in the Download Area today.  This version is a maintenance release that fixes all of the known bugs in the 1.x branch of ExpressionEngine and is meant to encourage our users to update their installations with the latest files.  There were a few notable items in the change log that I would like to mention and are the reason we made this a full version release opposed to just a build.

1.  The Database Backup Utility has been disabled in ExpressionEngine.  On large databases and certain shared hosting set ups, it was not reliable and had caused a couple notable losses of data for our users.  With our development of ExpressionEngine 2.0, we did not have the resources to do a complete rewrite in order to make it more efficient and reliable for every possible situation.  And even with a rewrite, its abilities would still have been greatly limited by the hosting environment.  We still strongly encourage you to backup your database regularly and always before an upgrade using a tool like phpMyAdmin or a service provided by your web host.

2.  Due to a certain Chief Technology Officer being absentminded, our Copyright sprinkled throughout the program was not updated to include the year 2008.  Who knew the New Year was coming up so fast in mid-November?

3.  Thanks to the assistance of one of our users, we discovered within ExpressionEngine a possible XSS vulnerability caused by some old code for a feature removed back in ExpressionEngine 1.2.  We have removed that code in this version and while it has never been known to be exploited, we suggest everyone update to this version to insure that it never will be.

Read more about 1.6.2 in the Change Log for more details.

Make sure to follow the Version Update Instructions closely.