RECOMMENDED ACTIONS:
1. Check for unknown files in the web server document root directory. If you find any, you may be impacted.
2. Download and implement 2 patches from the Magento Community Edition download page.
- SUPEE-5344 - Addresses a potential remote code execution exploit (Added Feb 9, 2015)
- SUPEE-1533 - Addresses two potential remote code execution exploits (Added Oct 3, 2014)
3. Implement and test the patches in a development environment first to confirm that they work as expected before deploying them to your production site.
Note: Different versions of the patch are available for Magento Community Edition 1.4.x through 1.9.x.
HOW TO DOWNLOAD?
You can access Magento’s Community Edition download page from here. Find "Magento Community Edition Patches" section and download the right security patch.
OUR PRODUCTS:
We are going to update these Magento security patches on all our Magento Themes and Magento Extensions on the next few days.
Thanks for reading!
