Magento has just released the SUPEE-10415 security patch for the following versions:
- Magento Commerce 1.9.0.0-1.14.3.7 (formerly known as Enterprise Edition)
- Magento Open Source 1.5.0.0-1.9.3.7 (formerly known as Community Edition)
The patch contains fixed for several security vulnerabilities including cross-site request forgery (CSRF), Denial-of-Service (DoS), and authenticated Admin user remote code execution (RCE).
You can learn more about the patch and download it here: https://magento.com/security/patches/supee-10415
As with all Magento 1 security patches, I'd strongly recommend using the Experius Patch Helper to help you identify any overridden files that will also need to be patched.
Enjoy this article?
Support my open-source work via Github or follow me on Twitter for more blog posts and other interesting articles from around the web. I'd also love to hear your thoughts on this post - simply drop a comment below!
