Blog

Magento has recently released a new Security Patch (SUPEE-6788) along with Community Edition 1.9.2.2 and Enterprise Edition 1.14.2.2. These newer edition comes with security patch set in core itself and does not need any other current or past patches to be installed separately. The patch addresses over 10 security issues including remote code execution and information leak vulnerabilities. All these new releases are fully tested, complete and ready for merchants to deploy. We strongly encourage you to implement the patch or upgrade to the new versions as soon as possible.

Magento has recently launched Magento Community Edition 1.9.1.1, Magento Enterprise Edition 1.14.2.1, and a new Mobile SDK for Android. These releases improve security and performance, and empower you with a new tool to drive mobile sales. Along with these, a new security patch has also been released for Community Edition and Enterprise Edition (SUPEE-6482). The patch addresses 2 issues with Community Edition and 4 issues with Enterprise Edition. All these new releases are fully tested, complete and ready for merchants to deploy. We strongly encourage you to implement the patch or upgrade to the new versions as soon as possible.

A new critical Magento security patch has been released to secure the platform from potential attacks. There are no confirmed reports of attacks related to these issues to-date, but it is important to immediately deploy the patch in order to protect online store. This patch prevents attackers from posing as an administrator to gain access to the last orders feed, which contains personally identifiable information that can then be used to obtain more sensitive information in follow-on attacks and closes a number of security gaps including cross-site scripting (XSS), cross-site request forgery (CSRF), and error path disclosure vulnerabilities.

It's no secret these days that selling on your own website isn't the best marketplace for everything and it's always a good idea to consider alternatives.