On August 13, 2024, Magento released a security update, APSB24-61, which focuses on critical, important, and moderate vulnerabilities.
Find here the essential elements of this security bullet and the action you must take as a Magento 2 store owner.
Overview & Affected Versions
This security update is for Adobe Commerce and Magento open-source users to keep the store away from the attacker’s reach and save the store from any potentially malicious activities.
Here is a list of all the affected products and their versions.
| Affected Products, Versions, and Platforms | ||||||
|---|---|---|---|---|---|---|
| Product | Versions | Platform | ||||
| Adobe Commerce | 2.4.7-p1 and earlier2.4.6-p6 and earlier2.4.5-p8 and earlier2.4.4-p9 and earlier | All | ||||
| Magento Open Source | 2.4.7-p1 and earlier2.4.6-p6 and earlier2.4.5-p8 and earlier2.4.4-p9 and earlier | All | ||||
A Solution to Stay Secured
This newly released security update APSB24-61 fixes the vulnerability issues and recommends updating the installation to the newest version.
| Solution | ||||||
|---|---|---|---|---|---|---|
| Product | Updated Version | Installation Instructions | ||||
| Adobe Commerce | 2.4.7-p2 for 2.4.7-p1 and earlier2.4.6-p7 for 2.4.6-p6 and earlier2.4.5-p9 for 2.4.5-p8 and earlier2.4.4-p10 for 2.4.4-p9 and earlier | 2.4.x release notes | ||||
| Magento Open Source | 2.4.7-p2 for 2.4.7-p1 and earlier2.4.6-p7 for 2.4.6-p6 and earlier2.4.5-p9 for 2.4.5-p8 and earlier2.4.4-p10 for 2.4.4-p9 and earlier | 2.4.x release notes | ||||
| Adobe Commerce and Magento Open Source | Isolated patch for CVE-2024-39397Compatible with all Adobe Commerce and Magento Open Source versions between 2.4.4 – 2.4.7 | Release Notes for on CVE-2024-39397 | ||||
Ensure your store stays safe from hackers. If you need expert technical assistance or a professional Magento patch installation service, we’re here to help you.
