IMPORTANT: Recent Security Vulnerability for Moodle Users.

19 September 2022 by Catalyst

In case you missed this in the Moodle Community News, a friendly reminder for all Moodle users that the fix is now available in Moodle 4.0.3, 3.11.9 and 3.9.16 to ensure the safety of your site.

If you are a Catalyst client, there is no need to worry. Being part of the trusted Moodle premium partner network, means the Catalyst team were one of the first parties to be notified of this issue and had taken appropriate action for our clients’ sites immediately.

More so, in this particular case, Catalyst clients had another layer of protection in that we had provided a pre-upgrade protection, built into our hosting infrastructure, that shielded our Moodle sites from malicious requests attempting to exploit the discovered vulnerability. This means in the period between the discovery of the recent security issue and long before it was publicly known, our clients sites were on the safe side, to say the least.

All software is a subject to various new bugs and security issues. Having a solid system in place on how these situations are handled is key.

If your Moodle site is not handled by Catalyst or another premium partner, you still benefit from the fact that transparency is key in the Open Source world. As Moodle announces such issues, they also provide you with an action plan on how to safeguard your site to ensure its resilience and your business continuity. We highly recommend that you be timely with applying all the necessary steps as recommended by Moodle.

Now that the new ‘fixed’ version is available, it is crucial to perform this upgrade as soon as possible.

In addition to having handled this promptly for our clients, Catalyst team are proud to have contributed to the fix of this security issue. Having our developers and engineers develop the fix and give back to the Moodle community means a lot to our team and aligns with our company values.

Catalyst has been awarded the best premium service provider of the year for 2021 and we are committed to continuous improvement in all aspects of our service. Our team are confident that our clients are in safe hands.