Magento Expert Forum - Improve your Magento experience
-
Shoplift Bug (SUPEE-5344)
Hello everybody ,
I would to discuss regarding security of Magento Store.
Few day back Magento sent a critical reminder to all the store owners. The reminder was sent to all the store owners who have not updated their Magento yet for a vulnerability named as “Shoplift (SUPEE-5344)”. The bug was first detected in the month of Feb and Magento sent an update to its users to update their store. Magento did a random check and found 60% of the website were not updated yet which counts to around 140,000 Magento installed online shops globally. It is expected that in next 48 hours most of the website will be effected by this bug.
Shoplift is a term given to a bug that allows hackers to take full control of your Magento Store. There was a patch released for it in February called “SUPEE-5344″ but yesterday’s check by Magento confirms that around 60% of Magento installations are still open to this vulnerability.
The message from Magento takes you to the page on their website that give you information on how to update and apply the patch. Upon some more research we came across this website called Byte which claims to check and confirm if your website is effected by this bug. You can have a check about this here.
If you need help to update your website quickly for this bug, Reach us now at- http://www.envisionecommerce.com/contact/
View more threads in the same category:
-
-
The remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to us by Check Point Software Technologies in late January 2015.
Corporate Gifts Gurgaon
-
-
SUPEE-5344 – Shoplift Bug Patch. This fix tends to a particular remote code execution (RCE) weakness known as the "shoplift bug" that enables programmers to acquire Admin access to a store. To decide whether your store has been fixed, see the Shoplift Bug Test.
-
-
On the off chance that you don't have the foggiest idea, SUPEE-5344 is an official security fix to the notorious Magento shoplift bug. That bug enables terrible performing artists to acquire administrator access to powerless Magento locales. While the fix was discharged February 2015 numerous locales tragically did not refresh, this allowed programmers a chance to bargain a huge number of Magento controlled online stores.
-
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Bookmarks