Home » Magento® blog » Magento Important Security Updates – June 1 2017
Magento Important Security Updates – June 1 2017

Magento Important Security Updates – June 1 2017

 

On June 1st, Magento releases new updates to increase product security and functionality. The releases contain over 15 security enhancements and Magento 2.x updated versions that also address image resizing and MasterCard BIN number expansion. We strongly recommend that all merchants upgrade to these versions as soon as is reasonably possible.

Download and install the Enterprise Edition updates by logging into My Account and navigating to the version you want to download. (See How to get the Magento software for a discussion of Magento 2.x installation procedures, and How to Apply and Revert Magento Patches for Magento 1.x instructions.). Community Edition software will be available in the Release Archive of the Community Edition download page.

The releases include:

1. Multiple critical security enhancements. The updates help close access control bypass, CSRF, and authenticate Admin user remote code execution vulnerabilities. Magento releases version 2.0.1.4 và 2.1.7 for Magento 2. For Magento 1,  Patch 9767 is inserted into the new version of Enterprise Edition 1.14.3.3 and Community Edition 1.9.3.3 to address the security issues. See Magento 2.0.14 and 2.1.7 Security Patches and SUPEE-9767 Security Patches for more information.

2. Support for MasterCard BIN number expansion. MasterCard recently added a new series of Bank Identification Numbers (BIN). While certain Magento versions already support the new BINs, merchants using these following versions must upgrade or apply a patch by June 30, 2017, otherwise, they could face potential fines from MasterCard and lost sales. 

  • Enterprise Edition 2.1.2 or earlier
  • All Enterprise Edition 2.0.x releases
  • All Enterprise Edition 1.14.2.x releases or earlier
  • All Community Edition 1.9.2.x releases or earlier

More information is available atMasterCard BIN Range Update.

3. Reversion of the changes to image resizing that we introduced in Magento 2.1.6. Certain image resizing changes introduced unanticipated problems. We have reverted these changes in this release and will provide improvements to image resizing in a future product update. See the Magento 2.1.7 Enterprise Edition Release Notes for additional information you may need when upgrading from Magento 2.1.6 or 2.1.5 to this release.

Full details are available in the release notes:

Magento Community Edition 2.1.7

Magento Enterprise Edition 2.1.7

Magento Community Edition 2.0.14

Magento Enterprise Edition 2.0.14

Magento Community Edition 1.9.3.3

Magento Enterprise Edition 1.14.3.3

! Important notes: When moving your Magento sites into the updated versions, you need to ensure to implement and test the new version in a development environment first before deploying it to a production site.

If you are not familiar with coding, Magestore delivers professional Magento Installation service that helps update security patch quickly & safely. Contact us now to get the best assistance!


------------------------------------------------
Ready to foster your knowledge with MAGENTO 2 BASIC GUIDE

Is your website still a mess and Magento extensions are not enough to meet your expectations? Power up your site with Magento Web Development Services now

magento services


The following two tabs change content below.

Leave a Reply

Your email address will not be published. Required fields are marked *

*