Recently, Magento has updated it’s SUPEE 11086 which includes multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.
To know all the functional fixes you can read official Magento Release notes for SUPEE 11086. We have come up with patch files and recommend you to install them as soon as possible to safeguard your Magento stores against potential security threats.
I have explained the installation of patches with both the ways here:
Follow this instruction to install a patch on your store,
Upload patch files in the root of Magento.
Make one file with the name of patch.php, write the following code in it,
<!--?php print("<PRE>"); passthru("/bin/bash SUPEE-10888.sh"); print("</PRE>"); echo "Done"; ?-->
replace the file name in it, upload it in the root and run the file from the browser.
Name should be SH PATCH_SUPEE-11086_CE_18.104.22.168_v1-2019-03-26-03-05-04.sh
You should receive the following screen once you run patch.php from the browser,
If you are getting an error like this,
“Error! Some required system tools, that are utilized in this sh script, are not installed; Tool (s) “patch” is (are) missed, please install it(them).
That means system tools aren’t installed in your server to run the sh script, you can contact your hosting provider or follow another method.
We have updated the patch files for the older Magento versions. It is very much recommended to use this patches at your own risk, please take backup of your website prior to installation.
Please upload the patch into your Magento root directory and run the appropriate SSH command:
For patch files with the file extension .sh:
Example: sh PATCH_SUPEE-11086_CE_22.214.171.124_v1-2019-03-26-03-05-04.sh
For patch files with the file extension .patch:
patch –p0 < patch_file_name.patch
Once that is done, refresh the cache in the Admin under “System > Cache Management” so that the changes will be reflected. We highly recommend you test all patches in a test environment before taking them live.
For further instructions, see: Installing a Patch for Community Edition
Download the zip file for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, simply upload it to your Magento root folder.
It is still recommended to upgrade to Magento version 126.96.36.199 which includes all the security patches including SUPEE 11086. If you need any help regarding Magento version Upgrade, Checkout our Magento Upgrade Service.