2014 is kicking off to a busy start, with lots of exciting things going on within the FreePBX EcoSystem. In this issue we will review the latest news from FreePBX, the world’s most popular open source PBX platform, covering some of our latest software releases, newest products, special promotions and upcoming events.
FreePBX HA (High Availability) awarded Best Large Enterprise Solution at ITEXPO 2014
FreePBX® High Availability (HA) won the Best in Show for Best Large Enterprise Solution at ITEXPO Miami, held January 28-31, 2014, at the Miami Beach Convention center in Miami, Fla. During the show, Schmooze provided live demonstrations of FreePBX HA using our new SMB HA Appliance. The SMB HA Appliance, designed to target businesses with up to 75 users/extensions, provides out-of-the box support for FreePBX High Availability (HA) solutions. In addition to the SMB HA Appliance, Schmooze has added several additional new FreePBX appliances designed to support systems up to 1000 users.
The FreePBX HA commercial application was launched in late 2013 to enable automatic mirroring and failover between two FreePBX phone systems. FreePBX HA can be installed and licensed on your own hardware, or bundled with our FreePBX Certified Appliances,
Uniden SIP DECT phones now supported and available for FreePBX systems
“Uniden America Corporation is excited to be joining the FreePBX community with our Enterprise class EXP1240 SIP DECT Mobility platform. The EXP1240 mobility platform supports seamless roaming and hand-off on up to 40 DECT Access points with zero interference with other wireless networks. A single access point can support up to 8 cordless handsets and up to 200 handsets on a single network segment. The color handsets support up to 4 lines, multiple codecs, over the air synchronisation, wide band 2-way speakerphone and an integrated site survey tool for simple wireless setup.” Says Brett Morrison, Vice President of Sales & Marketing, Business Communication Systems, Uniden America Corporation.
The FreePBX Team and Uniden staff worked together to ensure that the new line would be fully supported within the FreePBX EcoSystem. The Uniden phones can be configured and auto-provisioned directly within the FreePBX® End Point Manager. We like these phones so much we added them to the FreePBX/Schmooze Portal Store and you can now purchase them direct from us, allowing you to get great hardware, while at the same time supporting the FreePBX Project.
Popular FreePBX Add-on Fax Pro adds new functionality and price reduced by $100!
Join FreePBX/Schmooze at the Channel Partners Expo, February 25-28, in Las Vegas
Visit the Schmooze Com/FreePBX booth, Booth 8031, at Channel Partners to see our latest technologies and learn first hand how FreePBX can differentiate your business and drive growth and profitability for your company.
For a limited time only, you can receive $50 off an all-access Conference & Expo Package or a FREE Expo only package. That’s a savings of up to 40% off the on-site price and is only available through this offer.
This offer is good through Friday, February 21, 2014 and will not be accepted at show site. This discount is only offered to qualified channel partners. This offer cannot be applied to previously paid registration and is non-transferrable.
Use promo code EXH14 to take advantage of this discounted offer today!
To register by phone, call (800) 454-5760.
Save up to $150 on Sangoma gear purchased from Schmooze Com/ FreePBX
Connecting your phone system to the local telco? From now until March 30th, 2014 save up to $150 on analog and digital PSTN cards and gateways from Sangoma when purchased from Schmooze Com/FreePBX.
FreePBXHosting.com Adds Support for FreePBX High Availability
Important Security Update Released for FreePBX
Schmooze and FreePBX are very proactive and responsive to security issues, and care deeply about the security of our software and systems. We welcome security related bug reports and issues, and they can be submitted via email to email@example.com for instant attention.
WebRTC, WebRTC, WebRTC… you can’t open a trade magazine or tech news site without hearing someone talk about WebRTC. In a nutshell WebRTC allows you to communicate via a web browser without the need to install additional plugins or applications. In January Schmooze launched the first public release of an officially supported WebRTC Softphone for the FreePBX User Control Panel. System administrators utilizing the FreePBX® Distro can download the new BETA WebRTC module from within the FreePBX Module Admin Menu.
A few weeks ago we released the first public ALPHA version of the latest, greatest version of FreePBX. FreePBX 12 will take advantage of many of the new features available in Asterisk 12, but will also support Asterisk 1.8, 10, 11 and 12! The FreePBX Development team has been hammering away not only preparing the platform for the latest version of Asterisk, but also adding great new features. At Asterisk World in Miami, Schmooze’s Tony Lewis discussed some of these new features with Digium’s Billy Chia.
View the Asterisk Live Blog for more details.
We look forward to interacting with you at our upcoming events, as well as online on our forums, social media and as always we’re just a phone call away.
On Behalf of the FreePBX/Schmooze Team,
Preston McNair, VP of Sales and Marketing, FreePBX/Schmooze Com, Inc.
We are blogging to inform you of a recently discovered security vulnerability reported yesterday in FreePBX Ticket 7123 (originally reported in ticket 7117 which is locked because of sensitive information). All FreePBX versions FreePBX 2.9 before 184.108.40.206, FreePBX 2.10 before 220.127.116.11, FreePBX 2.11 before 18.104.22.168, and FreePBX 12 before 12.0.1alpha22 are affected. You should immediately update your FreePBX Framework Module to secure your system from a potential attack.
The vulnerability is a Remote Command Execution (RCE) attack which means a compromised PBX can have any system command executed on it. This may result in serious damage to the system or extraction of passwords and other credentials accessible to the apache user (which is asterisk on most systems).
There were no known exploits at the time this issue was reported but upon going public it is common for hackers to develop scripts to scan the internet in an attempt to find vulnerable systems. The primary attack mode would be blocked on a system that uses HTTP authentication as some Distros set by default. Unfortunately, it is trivial to develop an XSS (Cross Site Scripting) attack that could indirectly access this vulnerability and allow an attacker to get access to any logged in system using all FreePBX authentication options. As such, all systems are vulnerable and should be updated. The fix addresses all attack modes.
Please make sure to update your systems immediately. We informed project teams of the other popular FreePBX Distro’s earlier today as well as Certified Hosting Partners.
The FreePBX and Schmooze Team!