cancel
Showing results for 
Search instead for 
Did you mean: 

Critical Security Advisory for All Versions of Magento Enterprise Edition and Magento Community Edition

Critical Security Advisory for All Versions of Magento Enterprise Edition and Magento Community Edition

The remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to us by Check Point Software Technologies in late January 2015. It affects both Magento Enterprise Edition and Magento Community Edition and allows attackers to obtain control over a store and its sensitive data, including personal customer information. Magento issued a patch for this issue on February 9, 2015.

 

To check your site for vulnerabilities, find signs of a compromised site and follow direct links to download the patches, please visit: http://magento.com/security-patch

 

While a large number of merchants have successfully downloaded the patch, many still have not done so. Please act now to ensure that your Magento store is secure!

--

Community Manager, Magento
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical