A good news:
“As you know, I have always prided myself on responding to issues in a positive and timely manner and it is my intention to do the same with this. I am however now making a post to address the concerns raised and it will be my one and only post to this thread. I would ask again as in the original email that any concerns are addressed to me personally.
Tuesday’s email was sent as a precautionary measure to alert our customers of a potential breach of security on our server resulting in the latest WHMCS zip file download containing rogue files for a short period of time. It was not the result of a security weakness in the WHMCS software itself - the issue was only the zip file on our server having several files added (and none modified). We are confident that all steps that could be taken have now been taken to prevent this from happening again. I appreciate that some customers may be concerned by the events but can only reiterate that WHMCS the software was not involved. I took the decision to notify all customers of the potential files which could be in their install while only a small number of customers will be and were actually affected because security is and continues to be of the utmost priority.
On a completely separate note, due to the ioncube encryption being reversed last month, numerous issues have come to light about possible SQL injection vulnerabilities in the WHMCS system. These are being addressed as a matter of urgency and this thread has only served to highlight those issues. It would be appreciated if discussions pertaining to the exact vulnerabilities are kept to a minimum to help prevent widespread knowledge of what can be used. A new update addressing these issues will be available as soon as possible. I can only apologize for the concern that may have been caused to you through the prioritizing of new features and rapid development over quality of code, and I understand this is unnacceptable but this is something that will be learnt from and I will continue to provide the great service you’ve come to know and love.
Despite the difficulties currently being experienced, I am confident that WHMCS can continue to meet the needs of its clients and will become an even better product in the coming weeks and months. I would like to take this opportunity to thank the many loyal customers who have helped to make it successful and can assure you of my total commitment to resolving any problems and continuing to offer the very best service I can.
Regards,
Matt”
No comments yet.
Comments RSS TrackBack Identifier URI
Leave a comment
No Comments