1 Minute Read

Security Updates Minimize Risk of Data Loss, Downtime, and Hacks

Below are the Magento security updates released this month. Learn about your options and keep your site secure.

If you are a Smart Solutions Managed Solutions Plan customer, we are taking care of these updates for you, and your costs are covered.

Magento Security Updates

This update, released September 14th, contains multiple security enhancements for close cross-site request forgery, unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities. These releases also include support for the changes to the USPS shipping rates introduced on September 1, 2017, referenced below.

USPS Service Name Change

USPS First Class shipping service is frequently used by Magento retailers to ship lightweight packages. USPS recently modified this naming convention from “First-Class Mail Parcel” to “First-Class Package Service – Retail.”

Note: If you do not act now, your store will not support checkout using the “First-Class Package Service – Retail” mailing option.

What Do You Need to Do?

Magento 1.x Merchants

  • Upgrade to 1.9.3.6 (Open Source) or 1.14.3.6 (Enterprise)
  • Or, install the SUPEE-10336 and SUPEE-10266 patches

Magento 2.x Merchants

  • Install Magento 2.1.9 and 2.0.16 releases

Shipping Extensions

If you are using a shipping extension you will need to determine if additional remedial action is necessary.

Please email us at getinfo@smartsolutions.dev or call 410.972.4526 if you need additional information. We will review your website and give you a report on your site’s security update status.

Looking to add multiple payment options?  We have you covered.