Magento has this week released security updates for both the Magento 2 and Magento 1 platforms. Though perhaps causing Magento site owners an operational inconvenience, Magento’s proactive approach to security is reassuring and underlines its credentials as the world’s leading e-commerce platform.
What do Magento 1 site owners need to do?
Those yet to upgrade to the latest version of Magento should apply the security patches as a matter of priority. If you’re running a version of Magento Commerce between 1.9.0.0 and 1.14.3.10, you should either apply the security patch SUPEE-10888 or alternatively upgrade to Magento Commerce version 1.14.3.10, which includes the latest security updates.
If you are running Magento Open Source (until recently, known as Magento Community) versions 1.5.0.0 – 1.9.3.10, you should apply the same security patch SUPEE-10888 or upgrade to the latest version, Magento Open Source 1.9.3.10.
The name of version you are running is shown at the bottom of your admin panel.
For more information about the Magento 1 updates, see the release notes from Magento.
What about the Magento 2 Update?
If you are running Magento 2 (either Commerce or Open-Source), there’s even better news. Aside from the 25 critical security fixes, the latest release boasts a number of performance enhancements for your site. Chief among them are the improvements to the checkout process making conversion easier. There are also refinements to the way Amazon Pay, now standard in Magento, is configured as well as improvements to the way Magento 2 integrates with Dotmailer and Klarna.
For more details about the Magento 2 security updates, see Magento’s release notes for Open Source here or release notes for Commerce here.
Next steps
We recommend that our clients find time to get in touch so we can help ensure your Magento site security is up to date and your users’ experience is optimised. You can also run the Magento Security Scanning Tool to check your site’s security status. At magic42, we take security seriously. Speak to one of our Magento Solution Specialists if you have any concerns about your website’s security.
Alex Ashman
Magento Security Updates April 2020 – What You Need to Know
April 28th saw the release of the latest batch of security and performance updates for Magento.
Magento 2.3.3 patches now out
Magento have released its latest patch to 2.3.3. Available for both Open Source and Commerce, there are hundreds of performance improvements, fixes and features added.
