Is your store secure?
Well, store owners of Adobe Commerce and Magento Open Source need not worry anymore about the security of the store.
Adobe Security Bulletin published a security patch called APSB22-13 for Adobe Commerce on 12th April, 2022.
Adobe Security Bulletin published a security patch called APSB22-12 for Adobe Commerce on 13th February, 2022.
These security patches are available for all the latest versions of Adobe Commerce and Magento Open Source. Let’s find out more about the security update for Adobe Commerce and why it is crucial to apply it.
Contents
Security update released by Adobe is available for Adobe Commerce and Magento Open Source. The security patch update settles vulnerabilities that are rated critical. Successful exploitation could lead to arbitrary code execution.
Adobe mentions, “Adobe is aware that CVE-2022-24086 has been used in very limited attacks targeting Adobe Commerce merchants. Adobe is not aware of any exploits in the wild for the issue addressed in this update (CVE-2022-24087).”
APSB22-12: Security update available for Adobe Commerce
APSB22-13: Security update available for Adobe Commerce
The affected versions of Adobe Commerce are:
Note: Adobe Commerce versions 2.3.0 to 2.3.3 are unaffected.
The affected versions of Magento Open Source are:
Note: Magento Open Source versions 2.3.0 to 2.3.3 are unaffected.
In order to solve the vulnerability issue, you need to implement two patches
Based on your current Adobe Commerce or Magento Open Source version, apply patches from the following updates:
Product | Upgraded Version |
Adobe Commerce and Magento Open Source 2.4.3 – 2.4.3-p1 | MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch.zip and MDVA-43443_EE_2.4.3-p1_COMPOSER_v1.patch.zip MDVA-43395_EE_2.4.3-p1_v1.patch.zip and MDVA-43443_EE_2.4.3-p1_v1.patch.zip |
Adobe Commerce and Magento Open Source 2.3.4-p2 – 2.4.2-p2 | MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch.zip and MDVA-43443_EE_2.4.2-p2_COMPOSER_v1.patch.zip MDVA-43395_EE_2.4.3-p1_v1.patch.zip and MDVA-43443_EE_2.4.2-p2_v1.patch.zip |
Adobe Commerce and Magento Open Source 2.3.3-p1 – 2.3.4 | MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch.zip and MDVA-43443_EE_2.3.4_COMPOSER_v1.patch.zip MDVA-43395_EE_2.4.3-p1_v1.patch.zip and MDVA-43443_EE_2.3.4_v1.patch.zip |
Firstly, unzip the patch file and follow the step-by-step instructions provided by Adobe to apply the composer patch for Adobe Commerce on-premises, Adobe Commerce on cloud infrastructure, and Magento Open Source.
Find Instructions to Apply Composer Patch – Click Here
Security of your Magento 2 store is important and thus it is commendable to upgrade your store with the latest security patch. Avail Magento Security Patches Installation Service to prevent your store from vulnerabilities and threat attacks.
Hello Magento mates, Today we will learn to add a call JS on the checkout…
Business survival in today’s digital world has become extremely difficult. Using traditional marketing techniques is…
Are you setting up a payroll system for your eCommerce startup? Ensuring compliance with myriad…
In the expansive universe of Laravel development, Blade serves as the stellar templating engine, propelling…
Hello Magento Friends, In this blog, we will discuss about adding quantity increment and decrement…
In this guide, we'll explore how to integrate ChatGPT, an AI-powered chatbot, with a Laravel…