We’ve received a notification from the MDaemon Development Team that they’ve issued a critical patch to correct a potential vulnerability in MDaemon Remote Administration and Webmail (Worldclient).
This vulnerability may impact all browser types. This security update is for versions 16.0 – 20.0 of the MDaemon Email Server.
Simply download and install the appropriate patch listed in this Security Bulletin.
It’s worth noting that even if your existing licence key’s upgrade cover is expired, there is no requirement to renew your licence to obtain the patch for your appropriate version.
As always we’d recommend MDaemon admins always keep their MDaemon installation up to date to ensure they have the latest patches and security updates.
At this point in time, the latest version of MDaemon is v20.0.4 and this version requires upgrade cover that runs until at least June 16, 2020. You can check your existing’s upgrade cover here.
MDaemon 20.0.4 is available to download from here.