A security issue has been found in Movable Type's XML-RPC server. We suggest that all users of Movable Type upgrade their installations to fix this issue.
We have released a new version of Movable Type, version 2.65, to fix this problem. Version 2.65 also includes the mt-send-entry.cgi fix released about 1 month ago.
In addition, version 2.65 includes an Atom syndication template in the default templates, along with an auto-discovery tag in the main index template. It also includes a couple of new tags used for the Atom feeds. If you're upgrading, you can get the syndication template from the default template list.
If you'd rather just fix the XML-RPC security issue, you can just replace lib/MT/XMLRPCServer.pm on your server with the new version of XMLRPCServer.pm (this is a ZIP file--extract it and upload the version of XMLRPCServer.pm within to your server in ASCII mode).