On 28th Feb, 2018 Magento has released another security patch: SUPEE-10570. As and when the team Magento finds any security vulnerability in the system, they release a security patch. It is highly recommended that you install any security patch released by Magento as soon as you hear about it. As the vulnerability is also vastly known with the release of security patch, best if you install the patch to be free from any possible risk your system may encounter. Now that the patch is released, almost everyone in the community is aware about the vulnerabilities and it is best to safeguard yourself against any potential harms.
About SUPEE-10570
SUPEE-10570 is the updated version of SUPEE-10415 which was released on 28th Nov, 2017.
To know more about previous security patch releases you can check out our earlier blog post on the same.
SUPEE-10570, Magento Commerce 1.14.3.8 and Open Source 1.9.3.8 brings multiple security enhancements that resolves close remote code execution (RCE), cross-site scripting (XSS) and some other issues. In order to install this security patch, you are required to remove the earlier version from every store where it was added.
Information on all the changes in 1.14.3.8 and 1.9.3.8 releases is available in the Magento Commerce and Magento Open Source release notes.
How To Ensure Your Store Security?
The first step should be to install the security patch released by Magento. Once you are done with that, it is ideal that you seek for technical and security audit done for your website. This will ensure that you have not missed out any security patch from the past and if there is any effect of known issues on your website.
Magereport.com is one of the well-known websites to quickly check if your store is lacking any of the security patches. Once you find out the missing patches from MageReport you can go ahead and download the missing patches and get them installed in your store.
Need Help With Installation?
We understand if you find this discussion around security patches too discomforting. And therefore, we are here to help. Opt for our Magento security patch installation service and we will take care of the rest.
