January 24, 2020
Today Magento released a security patch that fixes two critical security bugs, deserialization of untrusted data (CVE-2020-3716) and a security bypass (CVE-2020-3718). Both of these bugs could potentially lead to a hacker executing code on your server. Additionally, there are a number of other fixes included in this patch, which you can read about here:
Modern Retail's support team has already created a ticket for you in the Admin Panel, which serves as the work order to get this patch applied on your server. Please feel free to use this ticket to ask any questions you may have about this patch and how it will be applied to your website.
Modern Retail will update the support ticket with additional information as it becomes available. This likely will include the day and time when this patch will be installed.
Thank you and please let us know if you have any questions.