Critical Updates, Security Alerts, and Bulletins

This page is for announcements of critical security or bug fixes, software patch updates, security alerts, and bulletins. The information is updated when these changes are released.

MDaemon Email Server - Critical Update MD041823

1. Critical Update to MDaemon Antivirus Engine (MDaemon Antivirus Users)

2. Fix to Email Server and Webmail Vulnerablities

Published April 18, 2023

Summary
This update addresses 2 critical issues for MDaemon users:

1. The Cyren Malware Detection (antivirus engine) has been replaced and Cyren's proprietary Recurrent Pattern Detection/Outbreak Protection service has been removed (no longer available). This update adds a new Malware Detection (antivirus engine) to the MDaemon Antivirus feature in the MDaemon email server.

2. Vulnerabilities for Denial of Service (DOS) and Cross-Site Request Forgery (CSRF) were identified and addressed during testing or related bug reports.

Affected Software
The versions listed below have been tested and determined to be affected. We recommend that administrators download the appropriate version and language file listed below.

There are no known issues that customers may experience when downloading the update.


32 and 64-bit Installers for Microsoft Windows

Select the version download link to see the file type and language options

NOTE: If you currently have CyrenAV disabled on MDaemon's Security | Antivirus screen, you need to enable IKARUSAV after the update. 

Version in use * Critical Update Version (click to download)
MDaemon 23.x.x
MDaemon 22.x.x
MDaemon 21.5.x
MDaemon 21.x.x
MDaemon 20.x.x
MDaemon 19.5.x
MDaemon 19.x.x
MDaemon 18.5.x
MDaemon 18.x.x

* This critical upgrade is free for all users. Customers must download the software version file for which they are eligible (the paid version in use whether the license is current or expired). If a different version is downloaded, that version will cease to work after 30 days. MDaemon Technologies recommends using the most current version available to receive the latest security and software features. Renew or Upgrade your license here. Supported versions can be found on the Support page.

SecurityGateway for Email - Critical Update SG041823

Critical Update to SecurityGateway Antivirus Engine

Published April 18, 2023

Summary
The Cyren Malware Detection (antivirus engine) has been replaced and Cyren's proprietary Recurrent Pattern Detection/Outbreak Protection service has been removed (no longer available). This update adds a new Malware Detection (antivirus engine) to the software.

Affected Software
The versions listed below have been tested and determined to be affected. We recommend that administrators download the appropriate version and language file listed below.

There are no known issues that customers may experience when downloading the update.


64-bit Installer for Microsoft Windows

Select the version download link to see the file type and language options
Version in Use* Critical Update Version (click to download)
SecurityGateway 9.x.x

* This critical upgrade is free for all users. Customers must download the software version file for which they are eligible (the paid version in use whether the license is current or expired). If a different version is downloaded, that version will cease to work after 30 days. MDaemon Technologies recommends using the most current version available to receive the latest security and software features. Renew or Upgrade your license here. Supported versions can be found on the Support page.

MDaemon Connector for Outlook

This download can be used to install the MDaemon Connector client on individual PCs running the Microsoft Outlook Client.

MDaemon Connector for Microsoft Outlook

Current version is 7.0.7