Critical Security Update Released for Adobe Commerce: APSB24-61

On 13th August, 2024, Adobe has released a critical security update for Adobe Commerce (APSB24-61), addressing multiple vulnerabilities that could potentially allow attackers to execute arbitrary code, leading to unauthorized access or data breaches. This update is vital for all Adobe Commerce, Magento Open Source and Adobe Commerce Webhooks Plugin users to ensure the security of their websites.

Security update available for Adobe Commerce | APSB24-61

Contents

1 Security Vulnerabilities Addressed
2 Affected Versions
3 Solution
- 3.1 How to apply the Isolated patch?
4 Final Thoughts

Security Vulnerabilities Addressed

The update addresses several critical and important vulnerabilities. These vulnerabilities include issues that could allow remote code execution, cross-site scripting (XSS), and unauthorized access to sensitive information. Adobe has categorized these vulnerabilities with a priority rating of 2, indicating that while there are no known exploits in the wild, it’s highly recommended to apply the update as soon as possible.

Affected Versions

The following versions are affected for Adobe Commerce on Cloud, Adobe Commerce on-premises, and Magento Open Source.

2.4.7-p1 and earlier
2.4.6-p6 and earlier
2.4.5-p8 and earlier
2.4.4-p9 and earlier

Solution

Adobe has provided patches to address these vulnerabilities. Apply the CVE-2024-39397 Isolated patch to resolve vulnerability issues for the affected products and versions. Users are advised to update to the latest version as soon as possible. The updates are available through the usual channels, and it is essential to follow the installation instructions carefully to ensure that your site is fully protected.

How to apply the Isolated patch?

Use this attached Isolated patch: acsd-60551-composer-patch.zip
Unzip the above file.
Apply a composer patch for Adobe Commerce – Learn more

Final Thoughts

The APSB24-61 security update is a critical patch that addresses several serious vulnerabilities in Adobe Commerce and Magento Open Source. Given the nature of these vulnerabilities, it is crucial to apply the update as soon as possible to protect your site from potential threats. Ensuring the security of your eCommerce platform not only protects your business but also maintains the trust and confidence of your customers.

If you have not yet applied the update, prioritize this task today and safeguard your online store against potential security risks.

Click to rate this post!

[Total: 0 Average: 0]

Gaurav Jain

Gaurav Jain is Co-Founder and Adobe Certified Expert-Magento Commerce Business Practitioner. Being Computer Engineer?‍? and possessing Extensive Marketing skills he handles all kinds of customer Queries and his Happy? & Helping? Nature makes customer's day Delightful. When he isn’t working, you’ll find Gaurav Reading on Books? or Traveling?. Also, he is Speaker at Magento Meetups.