Question
This year there seemed to be a lot of security-related patches from Magento. Do you anticipate 2016 being as bad as 2015?
Answer
You're right, 2015 was a very busy year from a security standpoint. Magento came out with a bunch of security patches with the one in October being the biggest and most encompassing because it affected a lot of 3rd party extensions. Here's a list of security warnings and patches we applied to your Magento website in 2015, starting with the most recent one first:
- Magento Malware Security Warning - November 2015
- Magento Security Patch & Malware Alert - October 2015
- Magento Security Update - August 2015
- Critical Magento Security Patch – July 7, 2015
- Important New Magento Security Patch - May 14, 2015
- Urgent Immediately Install Magento Critical Security Patches - April 2015
- Magento Security Update - April 2015
- Critical Magento Security Patch (SUPEE-5344) - February 10, 2015
Those are the Magento security warnings and patches applied this year. Those do not include the following which also needed to be patched in SSL and Linux:
The above does not include the "standard" Linux, MySQL and PHP patches that also need to be applied pretty much monthly.
Frankly we have no idea what 2016 will have in store for us. Part of us feels like the web grew up a bit in 2015 from a security standpoint. However, with millions of people trying to hack into websites around the world daily, I'm sure more vulnerabilities will be discovered. As always, Modern Retail will tackle and patch these vulnerabilities for you as fast as possible.
If you have any more questions about security or our patch management process, please submit a Support Request, and we'll be happy to help. Thank you.