Hello everybody,

We are glad to announce the release of our latest build, M365 Security Plus build 4816!

Issue fixes:

• A security issue in the Export Graph functionality of the Dashboard that could lead to unauthorized data access has been fixed.

• MMP-22811: As part of security improvements, legacy JAR files and outdated dependencies have been upgraded or removed, and updated dependencies have been introduced. Click here to view the currently used third-party components.

• MMP-23232: As part of security improvements, Apache Log4j has been upgraded from version 2.17.1 to version 2.25.3.

• MMP-23270: As part of security improvements, cxf-core-3.2.2.jar has been removed and SnakeYAML has been upgraded to version 2.5 within Elasticsearch.

• MMP-23298: As part of security improvements, Zulu JRE has been upgraded to version 8.92.0.19 (OpenJDK 1.8.0_482).

• MMP-23454: A security issue with an outdated Apache Tomcat version that posed potential risks has been fixed by upgrading to version 9.0.115.

• MMP-23524: An issue where file-to-database data transfer using the Bulk Copy Program (BCP) failed when the SQL Server password contained a semicolon has been fixed.

• MMP-23541: An issue where deleting technicians failed when a large number of technicians were configured has been fixed.