Magento Security Patch – SUPEE-8788

On 11th October 2016 Magento released a very significant security patch; SUPEE 8788.

SUPEE-8788, Enterprise Edition 1.14.3 and Community Edition 1.9.3 addressed Zend framework and payment vulnerabilities, ensured sessions are invalidated after a user logs out, and made several other security enhancements.

This patch also included Magento 2 versions for Magento Enterprise Edition and Community Edition 2.0.10 and 2.1.2

Some of the key items identified included payment vulnerabilities around remote code execution during checkout and SQL injection through a bug in the Zend framework. There were secondary concerns around insufficient data protection and information leakage through a block cache exploit.

Although none of these exploits have a known attack where they have been utilised they have all been patched in this security update.

If you require any further information regarding this patch update, or assistance with installing – please get in touch with one of our team on 01423 226555 or drop us an email.


LATEST POSTS

How to Have Your Best Black Friday as an eCommerce RetailerHow to Have Your Best Black Friday as an...

1 week ago READ

Life at Vortex: Drew’s First WeekLife at Vortex: Drew’s First Week

3 weeks ago READ

GDPR is Coming…Is Your Business Ready?GDPR is Coming…Is Your Business Ready?

1 month ago READ
all posts