SUPEE-9652 Magento Patch – The Rundown

By Paul Doherty Magento Comments Off on SUPEE-9652 Magento Patch – The Rundown

magento-supee-patch-blog

Reading Time: < 1

Magento has just released its latest SUPEE patch ‘9652’ to address a possible Zend library vulnerability.

 

Vulnerability Description:

Zend Framework 1 vulnerability can be remotely exploited to execute code in Magento 1.

To be affected by the vulnerability the installation has to:

– use sendmail as the mail transport agent

– have specific, non-default configuration settings

 

Severity Level:

Critical – If you are running one of the affected Magento versions it is important that this SUPEE patch is installed.

 

Product(s) Affected:

Magento Community Edition prior to 1.9.3.2, and Magento Enterprise Edition prior to 1.14.3.2, Magento 2.1 versions prior to 2.1.4 and Magento 2.0 versions prior to 2.0.12.

 

Official Magento SUPEE-9652 Resource.

  • Share: