By Matt / June 4th, 2013
Stardevelop's Live Help Server software v4.0 Revision 9 has been released to address a security concern within the Live Chat software. We recommend that all customers upgrade to this release immediately. There is no reason to believe that the vulnerabilities are known to the public, due to this only limited information regarding the vulnerabilities will be released at this time. The resolved security issues were identified by Vlad C. of NetSec Interactive Solutions https://www.safeornot.net.
Customers that are running a version prior to Live Help v4.0 such as the v3.x releases can upgrade as per the regular upgrade instructions at https://docs.whmcs.com/Live_Chat_Addon#Upgrading
We have also made available a patch file only update for the V4.0 Rev 8 release which makes upgrading to Rev 9 as quick and easy as possible.
You can find both downloads from the Addons tab of your WHMCS license within our client area @ www.whmcs.com/members
Once sufficient time has passed to allow customers to update to the above release Stardevelop will update the CHANGELOG.TXT with additional details regarding the nature of the vulnerabilities.
Please do not hesitate to contact us if you require assistance with updating your Live Help installation.
An email is in the process of being sent to all WHMCS Live Chat Addon customers who are affected by this. If you do not have the Live Chat Addon, this security advisory does not apply to you.
** This is a re-post of the original security announcement @ https://blog.stardevelop.com/2013/06/04/security-advisory-live-help-v4-0/ for the purposes of WHMCS Live Chat Addon Customers - please note there are a few intentional differences in the patching process **