Magento Security Patch – SUPEE-8788

On 11th October 2016 Magento released a very significant security patch; SUPEE 8788.

SUPEE-8788, Enterprise Edition 1.14.3 and Community Edition 1.9.3 addressed Zend framework and payment vulnerabilities, ensured sessions are invalidated after a user logs out, and made several other security enhancements.

This patch also included Magento 2 versions for Magento Enterprise Edition and Community Edition 2.0.10 and 2.1.2

Some of the key items identified included payment vulnerabilities around remote code execution during checkout and SQL injection through a bug in the Zend framework. There were secondary concerns around insufficient data protection and information leakage through a block cache exploit.

Although none of these exploits have a known attack where they have been utilised they have all been patched in this security update.

If you require any further information regarding this patch update, or assistance with installing – please get in touch with one of our team on 01423 226555 or drop us an email.


LATEST POSTS

Vortex Builds Bespoke Checkout for EWMG BrandsVortex Builds Bespoke Checkout for EWMG Brands

6 days ago READ

How is GDPR Affecting the High Street?How is GDPR Affecting the High Street?

1 week ago READ

2017: Our Year in Awards2017: Our Year in Awards

4 weeks ago READ
all posts