Bitcoin exchange Mt. Gox first halted withdrawals two days ago, spurring a selling panic and furious speculation, but now it has finally come clean about why. In a post this morning, the team said it noticed a currency-wide vulnerability called "transaction malleability" that would allow a user to alter transaction details to make it seem as if a transfer failed when it had actually succeeded. Since users regularly report to exchanges that particular transactions did not go through, the vulnerability represents an enormous opportunity for fraud, and the team said it had suspended any bitcoin-to-bitcoin withdrawals until the vulnerability could be fixed.
Because the vulnerability extends across the Bitcoin community at large, the changes will have to be approved by the core developer community, many of whom have doubts about how serious the vulnerability really is. As one developer told Business Insider, "'There is really nothing to worry about in this case' is the best and most... correct advice I can give." Luckily for Mt. Gox users, the exchange is still allowing withdrawals into non-Bitcoin currencies, since those transactions are unaffected by the vulnerability.
Update: The Bitcoin Foundation has issued a statement denying the vulnerability, and blaming Mt. Gox's problems on a failure to independently verify transaction IDs.
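
An added illustration, not from the original article, Mt. Gox or the Bitcoin Foundation: a simplified Python model of why a withdrawal tracked only by its transaction ID can look failed once its signature bytes are re-encoded, with a reconciliation check that matches on the coins spent and outputs paid instead. The toy encoding, the names `payment_key`, `naive_looks_failed` and `withdrawal_status`, and all sample values are constructed assumptions; the only Bitcoin fact relied on is that the transaction ID is a double SHA-256 hash that includes the signature data.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class TxIn:
    prev_txid: str      # transaction whose output is being spent
    prev_index: int     # which output of that transaction
    script_sig: bytes   # signature data; its byte encoding can vary

@dataclass(frozen=True)
class Tx:
    inputs: tuple       # tuple of TxIn
    outputs: tuple      # tuple of (address, satoshis)

def _digest(tx, with_sigs):
    """Double SHA-256 over a toy length-prefixed encoding (not Bitcoin's wire format)."""
    fields = []
    for i in tx.inputs:
        fields.append(f"{i.prev_txid}:{i.prev_index}".encode())
        if with_sigs:
            fields.append(i.script_sig)
    fields += [f"{addr}={amount}".encode() for addr, amount in tx.outputs]
    blob = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hashlib.sha256(hashlib.sha256(blob).digest()).hexdigest()

def txid(tx):
    """ID as the network computes it: signature bytes are part of the hash."""
    return _digest(tx, with_sigs=True)

def payment_key(tx):
    """Hypothetical reconciliation key: same coins spent to the same outputs."""
    return _digest(tx, with_sigs=False)

def naive_looks_failed(sent, confirmed):
    """Tracking by txid alone: a confirmed copy with a new ID looks like a failure."""
    return txid(sent) not in {txid(c) for c in confirmed}

def withdrawal_status(sent, confirmed):
    """Check the txid first, then fall back to what was actually spent and paid."""
    if not naive_looks_failed(sent, confirmed):
        return "confirmed"
    if payment_key(sent) in {payment_key(c) for c in confirmed}:
        return "confirmed-under-different-txid"   # already paid: do not re-send
    return "unconfirmed"

# Constructed sample data; the script_sig values are placeholder bytes.
SENT = Tx((TxIn("aa" * 32, 0, b"sig-encoding-A"),), (("customer-address", 50_000_000),))
MINED = Tx((TxIn("aa" * 32, 0, b"sig-encoding-B"),), (("customer-address", 50_000_000),))
UNRELATED = Tx((TxIn("bb" * 32, 1, b"sig-other"),), (("someone-else", 1_000),))
```

A payout or support workflow built on a check like `withdrawal_status` would treat `confirmed-under-different-txid` as a completed withdrawal instead of issuing a second payment.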