Magento 1 Patch 10752 (SUPEE-10752) released
It is patching time again, Magento released Magento 1 Patch 10752 which fixes lots of critical code insertion and cross site scripting security leaks. As always it is important to patch your live systems immediately.
Magento 1 Patch 10752 (SUPEE-10752) released
It is quite interesting, that every few months new Cross Site Scripting (XSS) and Remote Code Execution (RCE) security problems are found. This problems are found on a open source software that is used many thousand times worldwide. How many additional leaks are in your module code? Nevertheless, leaks in standard software are dangerous. Attacking randomly against such systems more profitable than invest time to hack one special system. Time is again an important factor. Known problems are now obvious to anyone in this new patch, you can only be safe if you update your system NOW.
Install patch
As always, you need all previous patches installed to run this patch file. Otherwise you may get errors which results in an aborted update. Try this patch in one of your development systems first and test all major processes:
- create new customer
- login and log out
- navigate your catalog
- make an order
Currently there are no known issues with this patch. If you installed it, be informed if someone finds an issue and test again you shop!
Attention: you need to install 10570 v2 before installing 10752. If you already installed 10570 v1, you need to revert this and install 10570 v2 before this patch!
Magento 2
This patch also leads to an updated Magento 2 version with same fixtures. Because updating Magento 2 is much easier, you should consider updating your old Magento 1 shop as soon as possible.
Conclusion
Magento 1 Patch 10752 is again an important security patch which fixes some XSS and RCE problems. Special thanks goes to community members finding and fixing this problems. They make an often used software safer. Regarding to GDPR you need to take all actions possible to save user data. So installing this patch is by law needed. Take actions to do this.
Do you have any issues with this patch?
1 Response
[…] Magento 1 Patch 10752 (SUPEE-10752) released by MAGEMASTER […]