Start Your Project

I need help with...

Magento Security Updates You NEED to Know About for 2021

Intro

As online shopping continues to grow, keeping your store’s presence secure is more important than ever. A new report suggests that more than a third of businesses sell the majority of their merchandise online. It has also become easier for people to hack into sites that may look safe to the naked eye when in reality they’re anything but. Magento, one of the biggest eCommerce platforms out there (and a proud partner of Jamersan), recently released some important security updates and tools that you need to know about to stay safe online in 2021.

Magento Commerce & Open Source Updates

Earlier this month, Adobe, the company that owns Magento released security patches for its Magento Commerce and Magento Open Source platforms. The patches include nearly 300 code revisions and nearly three dozen of what the company calls “security enhancements.” Some of the changes help fix 18 bugs involving remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities according to the release notes for the patches. While Adobe says it has not received any reports of attacks associated with the vulnerabilities, attacks are possible if the platforms are left unpatched. This means important and potentially personal information could get into the wrong hands.

 

Adobe is encouraging users to upgrade their versions of Magento Commerce or Magento Open Source to the newest version available as soon as possible. Administrators can use Composer to install the security-only patch, 2.4.1-p1.

 

Adobe developers have released security-only patches like these for more than a year now. It’s a move that is especially important now, as it lets retailers continue serving customers for up to six months before upgrading to a full update while still staying safe online.

Upgrade Compatibility Tool

A new feature in Magento can help users make sure their setup can withstand upgrades to the platform. Adobe released the Upgrade Compatibility Tool at the beginning of February. It’s a Command Line Interface (CLI) tool that reads through the current version of Magento installed and looks for code that may need to be updated before a future new version gets installed. Company leaders hope this will help make upgrading Magento easier for its users so they aren’t as tempted to delay important upgrades to the system. Administrators can download an Alpha version of the Upgrade Compatibility Tool from the Magento Repository.

Security Scan Tool

Retailers working with Magento Commerce have had access to another feature that checks for security issues of any kind at any time. The Security Scan Tool was officially launched back in September but is more important than ever right now. It sends an automatic email alert when it finds security issues including potential malware, digital skimming injections, and out-of-date patches. Think of it as the equivalent to getting security cameras for a brick-and-mortar store. You hope to never need them, but they’re there just in case. The tool also helps retailers learn best practices, taking security in their own hands.

Conclusion

Whether you use any of the Magento products or another platform for your eCommerce site, you owe it to yourself and your business to make online security a priority in 2021. More often than not, developers put the latest technology available in their updates while their companies phase out support for previous versions. Because of this, waiting to upgrade your platform – or not upgrading it at all – could lead to big security consequences for companies. Officials with a retailer called Costway learned this the hard way, when their website was hacked by people using two different e-credit card skimmers earlier this month. According to ThreatPost.com, the sit

Magento Security Updates You NEED to Know About for 2021

e was using Magento 1, which Adobe ended support for last June – more than six months ago. 

 

So now that you’re done reading this, make sure you update your platform or talk to the person who does.

If your company still needs to find a platform, check out our videos on 5 Reasons to Choose Magento vs Shopify – or 5 Reasons to Choose Shopify vs Magento

Author:

Rory Michaels