cancel
Showing results for 
Search instead for 
Did you mean: 

Magento patches

Magento patches

Hi,

 

  Can anyone please tell me what is patch and for what purpose we are installing patches....i confused with that

3 REPLIES

Re: Magento patches

HI @nanj,

 

Magento and a bunch of researchers around the web are constantly testing the security of the platform. When they uncover something that "may" be a problem, they create a patch for the system. Patches don't usually add functionality to your store, but rather it just erases that off chance that someone will use a weaker implementation of something to exploit the store.

Many patches are a good thing because it means that your platform is constantly trying to stay ahead of any potential threats instead of just sitting back and pretending nothing is wrong. It is a good idea to always keep an eye on patches when they come out and schedule time to apply them to your store as soon as you are aware of them.

If you have any problems patching your stores, just come back and post here and we'll try to help.

 

-T

---------------------------------------------------
Subscribe to my Magento Security Podcast

Re: Magento patches

Three of the patches are for dead given vulnerabilities that are actively being used to take over Magento websites.

 

NO STORE OWNER OR MAGENTO DEVELOPER CAN TAKE THE STANCE THAT THESE SECURITY PATCHES ARE OPTIONAL.

Re: Magento patches

Yeah, to prevent stuff like that.

 

Note that this is an attempted XSS exploit, one of the items that will work in Magento's backend if you don't patch.