Magento Expert Forum - Improve your Magento experience
Shoplift Bug (SUPEE-5344)
Hello everybody ,
I would to discuss regarding security of Magento Store.
Few day back Magento sent a critical reminder to all the store owners. The reminder was sent to all the store owners who have not updated their Magento yet for a vulnerability named as “Shoplift (SUPEE-5344)”. The bug was first detected in the month of Feb and Magento sent an update to its users to update their store. Magento did a random check and found 60% of the website were not updated yet which counts to around 140,000 Magento installed online shops globally. It is expected that in next 48 hours most of the website will be effected by this bug.
Shoplift is a term given to a bug that allows hackers to take full control of your Magento Store. There was a patch released for it in February called “SUPEE-5344″ but yesterday’s check by Magento confirms that around 60% of Magento installations are still open to this vulnerability.
The message from Magento takes you to the page on their website that give you information on how to update and apply the patch. Upon some more research we came across this website called Byte which claims to check and confirm if your website is effected by this bug. You can have a check about this here.
If you need help to update your website quickly for this bug, Reach us now at- http://www.envisionecommerce.com/contact/
View more threads in the same category:
The remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to us by Check Point Software Technologies in late January 2015.
Corporate Gifts Gurgaon
Tags for this Thread