In a recent reply on the Feature Requests section of the Forum it was announced that mSecure 6 would be available soon and that major enhancements we have been waiting for would not be implemented in mSecure 5.
Will mSecure 6 be considered a completely new product? Will existing customers be expected to pay for this new product in order to get any enhancements?
Will mSecure 5 remain available? Will it still be maintained with bug fixes and security issues?
Will the databases be compatible between these products?
Are there any other implications for existing loyal customers?
@Puneet Thank you for contacting us. We have audited our systems, and we are not susceptible to the Log4J vulnerability. The two main services we use for data processing and storage are Heroku and MongoDB. In performing their own audits, both of those systems didn't find vulnerabilities for the services we use.
If you were to look into this on your own, you would find that Salesforce (they own Heroku) is currently in the process of patching their systems to make sure everything is safe. However, Heroku's services specifically were not affected. For MongoDB, you would find that one of their services called "MongoDB Atlas Search" was found to be affected by the vulnerability but has since been patched. What's important here is that we don't use the "Atlas Search" features, so mSecure would not have been affected.
With regards to mSecure 6, if you currently have an mSecure 5 license, you will not have to make a purchase to continue using the features you already have as a paid v5 user. With a Pro license, you'll be granted access to the "Essentials" subscription tier at no cost, and this tier has all the same functionality. To unlock all of the features in mSecure 6, however, a subscription will be required, and the cost of that subscription will be discounted by 50% for v5 Pro users. The "Premium" tier is normally $29.99/year, but it will be discounted to $14.99/year for Pro users.