Magento Security Patch – SUPEE-8788

On 11th October 2016 Magento released a very significant security patch; SUPEE 8788.

SUPEE-8788, Enterprise Edition 1.14.3 and Community Edition 1.9.3 addressed Zend framework and payment vulnerabilities, ensured sessions are invalidated after a user logs out, and made several other security enhancements.

This patch also included Magento 2 versions for Magento Enterprise Edition and Community Edition 2.0.10 and 2.1.2

Some of the key items identified included payment vulnerabilities around remote code execution during checkout and SQL injection through a bug in the Zend framework. There were secondary concerns around insufficient data protection and information leakage through a block cache exploit.

Although none of these exploits have a known attack where they have been utilised they have all been patched in this security update.

If you require any further information regarding this patch update, or assistance with installing – please get in touch with one of our team on 01423 226555 or drop us an email.


LATEST POSTS

Vortex Shortlisted in Two Categories in the ‘eCommerce Awards London’ 2017!Vortex Shortlisted in Two Categories in the...

1 month ago READ

Vortex Builds Walk the Walk’s New Online Shop!Vortex Builds Walk the Walk’s New Online...

2 months ago READ

WIN a Two-Day Intro to Web Design and WordPress Course!WIN a Two-Day Intro to Web Design and WordPress...

3 months ago READ
all posts