The Zend Developer Zone has their latest security tip posted for all of you eagerly awaiting more words of wisdom. This time, it's on a topic near and dear to Zend's heart - keeping your framework up to date.
Make sure any framework you are using is updated regularly. This is especially important if you are working on a 'one-shot' client project. It is important to think about who is going to maintain the site if (or rather: when) a security patch is issued for any of the 3rd party files.
Using frameworks is generally a good idea '" not only because they take a lot of the work away from you, but also because any potential security issue will (usually) quickly be dealt with.
Cal also talks about the other side of the coin - that the openness a framework can have can allow for would-be attackers to find the holes and issues in your site much easier.