Adobe Security Bulletin states Security Updates are released for Adobe Commerce and Magento Open Source.
Yes, you got that right!
— Adobe Commerce (@AdobeCommerce) October 12, 2021
On October 12, 2021, Adobe introduced new security updates for Adobe Commerce and Magento Open Source for versions 2.4.3-p1 and 2.3.7-p2.
Check out the official release notes of Security Updates,
- 1 What does Security Update Release Include?
- 2 Security Highlights
- 3 Additional Product Announcements
- 4 Wrap up:
What does Security Update Release Include?
The latest release brings in seven security fixes and enhancements in security. The release also includes bug fixes for the Braintree, Klarna, and Vertex vendor-developed extensions. Known issues of PHP fatal error on upgrade for Adobe Commerce 2.4.3 and Magento Open Source 2.4.3 have been resolved with this update.
- Removal of session IDs from the database in order to prevent actions by unauthorized users.
- Admin access is restricted for media gallery folders to restrict deletion of the .htaccess file.
- Prevent Denial-of-Service (DOS) attacks by reducing the limit to GraphQL query complexity.
- Fixing Recent penetration test vulnerabilities with this security release.
- Included validation of custom variables so as to stop dangerous HTML tags and attributes.
Apart from these security updates, Adobe has also announced some interesting updates.
Additional Product Announcements
Product Recommendations (Only for Adobe Commerce)
Magento merchants who are utilizing Adobe Experience Manager or React or Vue.js can now integrate Adobe Commerce Product Recommendations. The product recommendation will emphasize recently viewed products and products with high conversion rates giving store owners a new approach to propel sales. Added support for B2B websites with customer-specific catalog and pricing.
Live Search (Only for Adobe Commerce)
Live Search catalog onboarding and reindexing times have been reduced to ensure the latest product data by the search results. Search relevancy has been enhanced with partial word search in addition to full word search.
Progressive Web Applications (Commerce & Open Source)
Get rid of loading pages with the release of PWA Studio 12. The new PWA Studio 12 will have a shimmer effect that will increase the user experience by showing the animated effect for the elements that are loading. The new version will have an Add to Cart button on the category page to quicken the purchase flow and drive conversions. PWA Studio 12 will also have best practice and SEO scores based on Google Lighthouse.
Payment Services (Commerce & Open Source)
The release will include Payment Services in North America for Adobe Commerce and Magento Open Source. Magento stores of any size will have access to powerful and secure payment solutions that can be managed from the admin panel.
Asynchronous Order Processing
The general availability of the Asynchronous order processing feature will be in December. The new feature will enhance the checkout and cart functionality of Adobe Commerce sites. It will increase order throughput and line items in the cart.
The new release will enhance your store’s security and reliability. For hassle-free installation of security updates to your Magento store, avail of the Magento Security Patches Installation Service.
The Magento 2.4.4 beta version is releasing soon. Stay Tuned for the latest Magento news!