Magento released a patch, SUPEE-6788, on October 27, 2015. This patch addresses protection against security related issues such as information leaks and remote code execution. These types of threads can compromise a site in many ways such as potentially having malware scripts running on your server or having sensitive information stolen. This patch allows Magento store owners to protect against these security compromises. Although, unlike most patches, Magento SUPEE-6788 Patch can be a little confusing to implement. Before implementing this patch, here are a few things you need to know.
Continue reading Magento SUPEE-6788 Patch: Important Things to Know
Magento SUPEE-6285 Patch, which is a bundle of eight patches, provides resolutions for several security related issues. We will discuss this patch, as well as its vulnerabilities.
Continue reading What You Need to Know About Magento SUPEE-6285 Patch
In late January of 2015 the first remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to Magento by Check Point Software Technologies. This bug affects both Magento Enterprise Edition and Magento Community Edition, and it allows attackers to obtain control over a store and its sensitive data, including personal customer information. As of February 9, 2015, Magento released a patch for this issue.
Continue reading Magento SUPEE-5344 – Shoplift Bug Patch