WSM Blog

Magento Security Updates Now Available

September 20, 2017

According to Sucuri, 94% of  Magento website security hacks happen because the organization was running an out-of-date version of Magento.

Don’t be vulnerable. With the holiday season quickly approaching, making sure your website is ready and secure is imperative to your business.  This month, some important security updates were released Magento Open Source (formerly Magento Community Edition or CE site) and Magento Commerce (formerly Magento Enterprise or EE site).

The releases below contain almost 40 security changes and enhancements that help secure against cross-site request forgery, unauthorized data leaks, and authenticated Admin user remote code execution vulnerabilities.

Here is a summary of what is available:

  1. Magento Open Source and Magento Commerce 2.1.9
  2. Magento Open Source and Magento Commerce 2.0.16
  3. Magento Commerce 1.14.3.5
  4. Magento Open Source 1.9.3.6
  5. SUPEE-10266 (patch for earlier Magento 1.x versions)

WSM strongly recommends applying these as soon as possible so your site is not vulnerable to security threats.  If you’re unsure if your Magento site is affected by this or other important security upgrades, please contact us and we can help with a security review.