Weaver E-cology Full Security Patch Release and Hardening Guide

Vulnerability Summary: Weaver E-cology Security Patch Release Vulnerability Overview Weaver has officially released a comprehensive security patch update for its E-cology collaborative management software. This update aims to address multiple security issues identified across various versions and provides an IP blacklist database to defend against known malicious attacks. Scope of Impact This patch applies to the following E-cology system versions: E-cology 10.0 (E10) E-cology 9.0 (E9) E-cology 8.0 (E8) E-cology 7.0 and below (EC 7.0) Remediation Plan 1. Full Security Patches: Users should download the corresponding full security patch package based on their specific system version for upgrading. E10: Official version v20260312 (Update Date: 2026-03-12) E9: Official version v19.79 (Update Date: 2025-09-25) E8: Official version v19.79 (Update Date: 2025-09-25) EC 7.0 and below: Official version v6.51 (Update Date: 2024-09-10) 2. Incremental Updates & Security Components: Incremental Patches: Incremental patch packages based on v10.56 and v10.78 are provided for E9 and E8 versions, applicable to systems already installed with specific base versions. IP Blacklist Database: An IP blacklist database of version v18.11 is provided to block known malicious attack IP sources, applicable to all versions of E7/E8/E9. 3. Configuration and Deployment: Refer to the official "Configuration and Deployment Guide" (including installation manuals and system security recommendations) for security hardening. 4. Security Recommendations: Password Security: It is recommended to change passwords regularly, ensuring high complexity (13+ characters, including uppercase/lowercase letters, numbers, and special characters). Port Protection: Do not expose remote desktop ports (e.g., 3389, 22) to the internet. Data Backup: Ensure off-site backup is performed before upgrading. Testing and Validation: It is recommended to verify patches in a test environment before applying them to the production environment. Update Log Summary 2026-03-12: Fixed newly discovered security issues (183 items). 2025-09-25: Fixed newly discovered security issues (182 items). 2025-07-21: Fixed newly discovered security issues (181 items). 2025-07-15: Fixed newly discovered security issues (180 items). 2025-07-04: Fixed newly discovered security issues (179 items). 2025-07-02: Added malicious attack IPs to the blacklist based on threat intelligence (178 items).

Goal Reached Thanks to every supporter — we hit 100%!

Weaver E-cology Full Security Patch Release and Hardening Guide