We’ve also been privy to new security patch SUPEE 9767 and new Magento release CE 1.9.3.3 as much as you do. In case you missed it, let’s see exactly what new release is about.
Okay, first of all, this patch is available for the following versions of Magento:
- Community Edition 1.5.0.1-1.9.3.2
- Enterprise Edition 1.9.0.0-1.14.3.2
The latest security patch is named as SUPEE 9767. It addresses multiple critical security issues that include the remote code execution for authenticated Admin users, cross-site request forgery issues, access control bypass. The release also comes with other security enhancements such as fixed several potential issues indicated by static code scans, resolved a potential remote code execution exploit, resolved a cache poisoning issue, etc.
This release also contains:
- support for PayPal's update to its Instant Payment Notification (IPN) server URL
- support for PHP 5.6 in addition to PHP 5.4 and 5.5
Read more about 120 improvements Magento 1.9.3.3 delivers to you.
Get our templates and modules with Magento 1.9.3.3 security update.
New Magento package was released on May 31. So we keep pace with new upgrade of patches.
Once the latest Magento release became available, we decided to implement all recent updates for our templates as soon as possible to make sure they are secure.
Follow up the awesome Magento themes with Magento 1.9.3.3 support:
- Best responsive Argento template
- Magento Mobile theme
- Free Classic theme available in 10 colors
- Free Magento Absolute theme available in 10 colors
Despite some SUPEE-9767 pitfalls, you can see your checkout process works nice again. The point is this patch added form-keys to almost all steps of checkout. We'd like you to know that our Magento One Page Checkout - Fire Checkout 4.2 module was successfully updated to the latest security patch.
See the list of all our modules that were updated for Magento 1.9.3.3 release:
Testimonials, Easy Color Swatches, Product Videos, Easy Banners, Attribute and Brands Pages, Image Slider, Prolables, Easy Lightbox, Easy Flags, Catalog Configurable Swatches, Lightbox Pro, Ajax Layered Navigation and much more...
According to changes in recent Magento release, we have added the new image validation to all extensions that use image uploader. Better Magento security is guaranteed.
The last news is good for site admins.
SUPEE-9767 patch also removed the option to use template symlinks from the backend. Don't panic. If you use links to deploy modules into Magento, go on. You have to edit app/etc/config.xml file in order to enable symlinks support.
What else Argento users should know...
Learn what happens if you don't update modules but keep using the latest Magento version.
Good news for Argento users. Old Argento versions do not replace the checkout files. Thus there should not be issues in using form-keys for each step of checkout.
But there's another problem.
New secure image validation feature from Magento 1.9.3.3 will not be used in case of using old releases.
Our primary task was to complete module updates and provide you with timely and accurate information about compatibility to prevent possible issues or conflicts with other modules.
So, we bet our modules work very well in a Magento 1.9.3.3 version store.
As you might know, the Magento 2.0.14 and 2.1.7 releases come with security patches that bring multiple security enhancements. Our goal is to increase product security and functionality of our products. Nowadays we keep working on further updates of all our Magento 2 modules. Stay tuned. Coming soon.
