The Magento release has several security improvements, including:
- Stopping unauthenticated users from using REST or SOAP API calls to remotely execute malicious code on the server.
- Preventing a site from being remotely triggered to reinstall itself so that the attacker can potentially take control of it.
- No longer allowing authenticated customers to change other customers' account information using SOAP or REST API calls.
- Fully resolving a previous vulnerability with cross-site scripting in the Authorize.net payment module.
How to update your software
- If you are a new Magento 2 users, you should start your project with the latest Magento 2 release
- If you installed Magento Community Edition 2.0.0 from an archive, you must perform some additional tasks before you can upgrade your installation. Current users of Magento 2.0.0/2.0.1/2.0.2/2.0.3/2.0.4/2.0.5 must first update the installer from the command line. Then, update the installation from the Web Setup Wizard or command line. For detailed instructions, see the technical bulletin.
Download the updates
The release and update are available for download from the following locations:
Community Edition 2.0.6 (New .zip file installations)
Community Edition Download Page > Download Tab
Community Edition 2.0.6 (New composer installations)
Community Edition 2.0.6 (Composer upgrades)
Community Edition 2.0.6 (Developers contributing to the CE code base)
Our Products for Magento 2
Our Magento Developer team has been working hard on developing our extensions for Magento 2.0. You can check all of them HERE. We also have some plans to build Magento 2 themes, let's keep in touch with us to access the wide range of high-performance Magento 2 products quickly.
Need help to Migrate Magento 1.x to Magento 2?
As you know, Magento 2 uses new approaches and technologies that give merchants an unmatched ability to create innovative shopping experiences and scale to new levels. If you would like to update your site to Magento 2, but be afraid of facing technical difficulties, feel free to contact our custom work department.