Security Center

Get the latest patches, security updates, and best practices for your Magento sites

New Security Update

Install critical updates for Magento 1.x and Magento 2.x versions

Tagged:

Magento Commerce

Mar 24, 2020

Magento advises customers of potentially affected deployments to take immediate action by updating Magento installations with the latest patch.

Jan 28, 2020

With the release of Magento 2.3.4, we’ve changed how we describe security issues. Individual issues are no longer described here in the Magento Security Center. Instead, these issues are documented in an Adobe Security bulletin. Please see Security updates available for Magento | APSB20-02.

Jan 28, 2020

With the release of Magento 2.3.4, we’ve changed how we describe security issues. Individual issues are no longer described here in the Magento Security Center. Instead, these issues are documented in an Adobe Security bulletin. Please see Security updates available for Magento | APSB20-02.

Oct 8, 2019

Magento Commerce and Open Source 2.3.3, 2.3.2-p1 and 2.2.10 contain tens of security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.

Merchants who have not previously downloaded a Magento 2 release should go straight to Magento Commerce or Open Source 2.3.3.

Oct 8, 2019

SUPEE-11219, Magento Commerce 1.14.4.3 and Open Source 1.9.4.3 contain multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.

Sep 13, 2019

On September 3, Multi-State Information Sharing and Analysis Center (MS-ISAC) has issued an alert related to multiple vulnerabilities that could allow for arbitrary code execution and a recommendation that all sites using PHP should update to the latest PHP version ASAP. Read on for impacts and steps for Magento Commerce sites.

Jun 25, 2019

Magento 2.3.2, 2.2.9, and 2.1.18 contain 75 critical security enhancements. These enhancements are described in three related blog posts — the post you’re currently reading plus these two separate posts, which you can find here: Part 1 and Part 2.

Jun 25, 2019

Magento 2.3.2, 2.2.9, and 2.1.18 contain 75 critical security enhancements. These enhancements are described in three related blog posts — the post you’re currently reading plus these two separate posts, which you can find here: Part 1 and Part 3.

Jun 25, 2019

These versions contains multiple functional and security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.1.18, 2.2.9 and 2.3.2.

Jun 25, 2019

This patch contains several security updates. Risk: Critical for Magento Commerce prior to 1.14.4.2 and Open Source prior to 1.9.4.2.