Magento released a patch, SUPEE-6788, on October 27, 2015. This patch addresses protection against security related issues such as information leaks and remote code execution. A site can be compromised in many ways by these types of threads such as potentially having malware scripts running on your server or having sensitive information stolen. This patch allows Magento store owners to protect against these security compromises. Although, unlike most patches, it can be a little confusing to implement. Before implementing this patch, here are a few things you need to know.
Many may be wondering how to setup tax exemption in their eCommerce stores for their customers. There is a simple step-by-step process this article will discuss to set up tax exemption for your customers in your eCommerce store through Magento.
In late January of 2015 the first remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to Magento by Check Point Software Technologies. This bug affects both Magento Enterprise Edition and Magento Community Edition, and it allows attackers to obtain control over a store and its sensitive data, including personal customer information. As of February 9, 2015, Magento released a patch for this issue.