As you have probably already learned from the relevant media, a critical security vulnerability (ZERO-Day) has become known for Magento 2. Under the designation APSB22-12, the vulnerability CVE-2022-24086 is listed, which is already actively exploited.
Category Archives: Blog
log4j – Vulnerability in Magento?
You have probably already heard that a standard library for Java, “log4j”, is currently exposed to attacks. With this vulnerability, attackers may be able to execute malicious code on your system. Magento is based on PHP and is therefore not affected by this vulnerability. However, it is possible that other software you use is vulnerable.Continue reading “log4j – Vulnerability in Magento?”
PHP 7.2 support is discontinued – what about Magento 1 under PHP 7.3, 7.4 and PHP 8?
You may have already heard it from your hoster: PHP 7.2 is being discontinued. But what does that mean for your Magento 1 store? (Picture: https://unsplash.com/@benofthenorth) (Deutsche Version weiter unten / German version below) If you want to know how long the PHP version you are using on your server will still be supported byContinue reading “PHP 7.2 support is discontinued – what about Magento 1 under PHP 7.3, 7.4 and PHP 8?”
Mage One Patches für Magento 1: 7 new patches released
Seven new patches have been released.
Plus invoices can now be downloaded.
Mage One Patches für Magento 1: 5 new patches released
Five new patches have been released. Two of them are high or critical!
Mage One Patches für Magento 1: MO-18, MO-19, MO-20
Three new patches have been released. Two of them are critical.
Hacker attacking Magento
Last weekend there was a hacker attack affecting about 2000 Magento 1 stores. In this newsletter we explain what we know about it and what you can do to protect your store.We also take this opportunity to thank our partner sansec.io for their support in researching these attacks. What happened? We received the message that last weekend about 2000 Magento 1 storesContinue reading “Hacker attacking Magento”
Mage One Patches für Magento 1: MO-16, MO-17
Two new patches have been released, adding PHP 7.3 compatibility and improving the clearing of session data with parallel logins.
Magento 1 & Mage One vs. Relaunch ~ When is the change worthwhile?
Magento 1 has stirred up the market of open source e-commerce systems and has become one of the most popular e-commerce systems in the world within a short time. For over a decade, small and large retailers have been relying on it. Since Magento announced that it will discontinue official safety updates in June 2020Continue reading “Magento 1 & Mage One vs. Relaunch ~ When is the change worthwhile?”
Mage One Patches für Magento 1: Patch MO-15
This patch sends all cookies with a “secure” marker set. This results in sending the cookies solely via HTTPS.