2.1.6 Product Release
This is a repost of a Fooman blog. You can view the actual article here
This email provides updates on remediating sites impacted by the recent malware attacks and issues with newly-released Enterprise Edition 1.14.3 and Community Edition 1.9.3 software.
An updated SUPEE-8788 v3 patch for Enterprise Edition 1.13.0.x is now available in the “Security Patches – October 2016” folder in MyAccount. It addresses missing files that prevent many Enterprise Edition 1.13.0.x merchants from successfully deploying the SUPEE-8788 patch .
Malware attacks targeting ecommerce sites are on the rise and it has never been more critical for merchants to follow security best practices. In most malware cases we’ve analyzed, attackers are not developing new ways to penetrate Magento sites. Instead, they are taking advantage of existing, unpatched vulnerabilities, poor passwords, and weak ownership and permission settings in the file system.
Earlier this week you may have been contacted by your Account Manager, Product Owner or Business Owner about the latest Magento security patch that was released on Tuesday 10/11/2016. Magento security patch SUPEE - 8788 was found to have some issues with earlier versions of Magento EE 1.13 and earlier. Here is the press release for that issue:
Third-Party Themes and Extensions Are at Risk
Key Features: Responsiveness Built-in, Improved Payment and Financing Options, Improved Search, Improved Cross Border Price Consistency