Attention Magento store owners!
Adobe released a security patch update APSB23-35 for Adobe Commerce and Magento Open Source on June 13, 2023.
Securing an online store is of utmost importance to protect sensitive customer information, maintain the trust of your customers, and prevent potential financial and reputational damage.
Adobe regularly releases security upgrades for Adobe Commerce and Magento stores. Keeping your Magento store, plugins, and themes up to date with the latest security updates and patches helps address vulnerabilities and protect against known exploits.
Contents
What is Magento Security Patch APSB23-35?
Adobe has recently released a security patch update, APSB23-35. This security patch will resolve important vulnerabilities. Installing the latest security patch will protect your store from attacks and enhance store security.
Security patch APSB23-35 prevents vulnerabilities like Incorrect Authorization, XML Injection (aka Blind XPath Injection), Missing Support for Integrity Check, Server-Side Request Forgery, Improper Input Validation, Business Logic Errors, Cross-site Scripting (Stored XSS).
Affected Versions of Magento and Adobe Commerce
With the release of the latest security patch APSB23-35, the following versions are affected:
| System | Version | Platform |
| Adobe Commerce | 2.4.6 and earlier | All |
| Adobe Commerce | 2.4.5-p2 and earlier | All |
| Adobe Commerce | 2.4.4-p3 and earlier | All |
| Adobe Commerce | 2.4.3-ext-2 and earlier* | All |
| Adobe Commerce | 2.4.2-ext-2 and earlier* | All |
| Adobe Commerce | 2.4.1-ext-2 and earlier* | All |
| Adobe Commerce | 2.4.0-ext-2 and earlier* | All |
| Adobe Commerce | 2.3.7-p4-ext-2 and earlier* | All |
| Magento Open Source | 2.4.6 and earlier | All |
| Magento Open Source | 2.4.5-p2 and earlier | All |
| Magento Open Source | 2.4.4-p3 and earlier | All |
Why is Security Update Important for your Magento Store?
Installing the latest security updates and patches in your Magento store is crucial for several reasons:
Vulnerability Fixes
Security updates and patches are released to fix known vulnerabilities and weaknesses in the software. Hackers are constantly evolving their techniques to exploit vulnerabilities in popular platforms like Magento. Installing updates ensures that any identified security flaws are addressed, minimizing the risk of unauthorized access, data breaches, or other security incidents.
Protection against Exploits
Cybercriminals actively search for security loopholes in software to exploit them for their malicious activities. By keeping your Magento store up to date, you fortify your defenses against known exploits. Patches often include specific fixes for vulnerabilities identified in previous versions, reducing the chances of successful attacks.
Compliance Requirements
Depending on the nature of your business, you may be subject to various compliance regulations, such as the Payment Card Industry Data Security Standard (PCI DSS) for handling credit card information. Compliance standards often require maintaining up-to-date software with the latest security patches. Failure to comply with these requirements can result in penalties, legal issues, and loss of customer trust.
Performance and Stability Improvements
Security updates and patches address security vulnerabilities and enhance your Magento store’s overall performance and stability. Updates often include bug fixes, performance optimizations, and general improvements to the software. By keeping your store updated, you ensure that it runs smoothly, providing a better user experience for your customers.
Third-Party Integrations
Magento stores often rely on various third-party extensions and integrations to extend functionality. However, outdated extensions can introduce security risks. Regularly updating your Magento installation ensures that the core platform and third-party extensions are compatible and secure, reducing the potential attack surface.
Community Knowledge and Support
The Magento community, including developers and security experts, actively monitors and reports vulnerabilities. By staying updated, you can take advantage of the collective knowledge and support available within the community. This ensures you can leverage the latest security best practices and promptly address emerging threats.
Ending Thoughts
Installing the latest security updates and patches APSB23-35 in your Magento store is essential to safeguard your business, customer data, and reputation.
Consider seeking assistance from security professionals to ensure a smooth installation of the latest security patch APSB23-35 for your Magento online store.
