Magento security patch SUPEE-7405 – All eligible hosted stores patched

Forum Forums News Magento security patch SUPEE-7405 – All eligible hosted stores patched

This topic contains 0 replies, has 1 voice, and was last updated by  lexiconn 4 years, 6 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #49217

    lexiconn
    Keymaster

    Magento has released a new security patch SUPEE-7405. It addresses a number of vulnerabilities. A few of these vulnerabilities allow a remote user to create a malicious customer email address that can cause a store to be compromised. It is a highly recommended patch by Magento.

    Any hosted Magento store with us that already had the previous SUPEE-6788 patch has been automatically patched with this latest release. For those stores that do not have the SUPEE-6788 patch already applied, we will be contacting those stores about what is required to apply the previous patch (the 6788 patch is not a seamless patch, and can break functionality in a Magento store).

    You can view the contents of the file “app/etc/applied.patches.list” in your store (via FTP or ssh) to see which patches have been applied. If you have any questions, please contact us.

    As is our policy, once a security patch is released by Magento, we thoroughly test it (this latest one has a few “gotchas” with permissions that we have addressed in our hosting environment), and then deploy it on any hosted Magento store where it can be applied seamlessly. For those stores where a problem may occur, we contact the affected client with options and recommendations for how the patch may be applied.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.