work-banner.jpg

Wagento Blog

Magento

Check out the Latest Magento Security Enhancements

This entry was posted on March 08, 2018 by Saurabh Parikh

Magento has released new versions of Magento Commerce and Open Source to increase product security and functionality:

  • Magento Open Source and Commerce 2.2.3
  • Magento Open Source and Commerce 2.1.12
  • Magento Open Source and Commerce 2.0.18
  • Magento Open Source 1.9.3.8
  • Magento Commerce 1.14.3.8
  • SUPEE-10570 to patch earlier Magento 1.x versions 

Magento Security Enhancements

These releases contain almost 50 security changes that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities. These releases also support API changes implemented recently by USPS. Additionally, Magento Commerce and Open Source 2.2.3 introduce finer permissions for common cache management tasks. This enhancement enables qualified administrators to assign permissions for discrete cache management tasks such as flushing cache storage and refreshing cache types.

Common Highlights of Magento Commerce and Open Source (2.0 and later)

  • Enhancements that help close cross-site request forgery (CSRF), unauthorized data leaks, and authenticated Admin user remote code execution vulnerabilities
  • Change to Magento Admin to support recent USPS shipping changes
  • Updated copyright to 2018 

Additional Highlight of Magento Open Source 2.2.3

 New layers of control for cache management tasks managed through the Magento Admin.

Additional Highlights of Magento Commerce 2.2.3

  • Support for Elasticsearch 5.x.
  • New layers of control for cache management tasks managed through the Magento Admin.

Common Highlights of Magento Open Source 1.9.3.8 and Magento Commerce 1.14.3.8

  • Changed Magento Admin to support recent USPS shipping changes.
  • Updated copyright to 2018.

Contact Us to upgrade your store version or security patches.