Please read the previous post here Things Change to get context
This email provides updates on remediating sites impacted by the recent malware attacks and issues with newly-released Enterprise Edition 1.14.3 and Community Edition 1.9.3 software.
An updated SUPEE-8788 v3 patch for Enterprise Edition 1.13.0.x is now available in the “Security Patches – October 2016” folder in MyAccount. It addresses missing files that prevent many Enterprise Edition 1.13.0.x merchants from successfully deploying the SUPEE-8788 patch .
Malware attacks targeting ecommerce sites are on the rise and it has never been more critical for merchants to follow security best practices. In most malware cases we’ve analyzed, attackers are not developing new ways to penetrate Magento sites. Instead, they are taking advantage of existing, unpatched vulnerabilities, poor passwords, and weak ownership and permission settings in the file system.
Earlier this week you may have been contacted by your Account Manager, Product Owner or Business Owner about the latest Magento security patch that was released on Tuesday 10/11/2016. Magento security patch SUPEE - 8788 was found to have some issues with earlier versions of Magento EE 1.13 and earlier. Here is the press release for that issue:
At MagentoLive France, they announced the Magento Masters program to recognize top contributors in the Magento community. We are pleased to learn that our very own Brent Peterson was chosen as one of the 2016 Magento Masters!
Today, we are releasing Magento Enterprise Edition and Community Edition 2.0.6, which contain important functional improvements. You can now use Redis for session storage and a file permission issue has been fixed by providing a more flexible way to set file ownership. Full details on the functional enhancements are included in the release notes for Enterprise Edition and Community Edition.