Moodle Gets Security Patches, Feature Improvements

Three updates have been released for the open source learning management system Moodle for the 2.3, 2.4, and 2.5 branches. The minor updates include security patches, bug fixes, and small functionality improvements.

Moodle is a free and open source learning management system in use at about 87,000 sites worldwide, including hundreds of K-12 schools, trade schools, colleges, and universities. Moodle used by about 1.3 million teachers and more than 73 million students participating in some 7.8 million courses as of this writing. (Updated statistics can be found on the Moodle Stats portal at Moodle HQ.)

The new updates include 2.5.2, 2.4.6, and 2.3.9. Each one addresses security vulnerabilities that have been discovered since the last update. The details of those vulnerabilities will be released in about a week to give administrators a chance to update their systems before the information is made public.

Other changes to versions 2.5.2 and 2.4.6 include:

  • Improvements to theme selector;
  • Fixes for MUC session cache;
  • iOS improvement for TinyMCE editor;
  • A fix for Gradebook that ensures grade items remain hidden regardless of activity state, if desired;
  • Support for editing question category information via the HTML editor;
  • A new form validation feature that points users to the location of the problem; and
  • The ability to delete comment without the need for confirmation.

Version 2.3.9 did not get those changes but did add a fix for the auto-linking filter, as did versions 2.5.2 and 2.4.6.

The Moodle 2.5.2, 2.4.6, and 2.3.9 updates are available now. Additional details can be found on moodle.org.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • students using digital devices, surrounded by abstract AI motifs and soft geometric design

    Ed Tech Startup Kira Launches AI-Native Learning Platform

    A new K-12 learning platform aims to bring personalized education to every student. Kira, one of the latest ed tech ventures from Andrew Ng, former director of Stanford's AI Lab and co-founder of Coursera and DeepLearning.AI, "integrates artificial intelligence directly into every educational workflow — from lesson planning and instruction to grading, intervention, and reporting," according to a news announcement.

  • toolbox featuring a circuit-like AI symbol and containing a screwdriver, wrench, and hammer

    Microsoft Launches AI Tools for Educators

    Microsoft has introduced a variety of AI tools aimed at helping educators develop personalized learning experiences for their students, create content more efficiently, and increase student engagement.

  • laptop displaying a red padlock icon sits on a wooden desk with a digital network interface background

    Reports Point to Domain Controllers as Prime Ransomware Targets

    A recent report from Microsoft reinforces warns of the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on the persistent threat of AD compromise.

  • Two hands shaking in the center with subtle technology icons, graphs, binary code, and a padlock in the dark blue background

    Two Areas for K-12 Schools to Assess for When to Work with a Managed Services Provider

    The complexity of today’s IT network infrastructure and increased cybersecurity risk are quickly moving beyond many school districts’ ability to manage on their own. But a new technology model, a partnership with a managed services provider, offers a way forward for schools to overcome these challenges.