It’s always recommended to scan your Magento site regularly for any security flaws and install the latest patches and Magento updates. Here’s the latest recommendations released this month straight from the horse’s mouth.
Magento recommends upgrading to the latest version of PHP ASAP to avoid any security vulnerabilities related to the older version. Earlier this month, Multi-State Information Sharing and Analysis Center (MS-ISAC) issued an alert and recommended that all sites using the Php should update to the latest version. The report confirmed that multiple vulnerabilities have been identified in Magento CMS and the most severe one of which could allow for remote code execution. Even though there are no reports of these vulnerabilities being exploited in the wild yet, Magento recommends to upgrade to the latest PHP versions to steer clear of potential hacking attempts. “Since Magento Commerce relies on PHP, we recommend that all Merchants using Magento Commerce review necessary updates for PHP with their hosting provider.” – Magento
Recommended PHP patches include:
PHP 7.1: https://www.php.net/ChangeLog-7.php#7.1.32
PHP 7.2: https://www.php.net/ChangeLog-7.php#7.2.22
PHP 7.3: https://www.php.net/ChangeLog-7.php#7.3.9
Visit PHP’s site for more information on recent releases.
Unsure about the risks your Magento store is exposed to? We can help. Get in touch with us today for a complete Magento security audit.