Alt-N posted a fix to a recently discovered vulnerability, MDaemon Security Bulletin – MD102412, listing MDaemon versions 11, 12, and 13 as being affected by a flaw that was discovered during internal testing.
If you run one of the affected versions, please visit http://www.altn.com/Support/SecurityUpdate/ to find an updated build and install the update immediately. Builds are available for customers running older versions even if your upgrade protection has already expired, so there is no reason to not deploy this release immediately.
Per Alt-N’s FAQ on MD102412, MDaemon versions prior to MDaemon 11.0.0 are not affected by this issue.
MDaemon Critical vulnerability (versions 11, 12 and 13) by Dave Warren (everything-mdaemon.com) is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.