Help & Resource Center

Zend Framework Security Vulnerability - January 2017

January 16, 2017 - UPDATE

Every client who had this vulnerability has been notified via a Support Request.  If you have not received a ticket, then your website does not have this vulnerability and no action needs to be taken.

If you have any questions please create a Support Request.  Thank you.

January 13, 2017

Magento today announced a new vulnerability with the Zend Framework email component.  This vulnerability could allow a hacker to run remote code on your website if it uses Sendmail as a mail transport agent.  Modern Retail is researching this problem now and will automatically create ticket if it finds your website is vulnerable to this attack.

For more information please read the following article:

We've also included the full Magento Security Announcement below.  As always, please create a Support Request if you have any questions.  Thank you.