Magento: attenzione alle vulnerabilità di php

Salve a tutti,
Adobe -  Magento ha recentemente pubblicato un avviso su una  vulnerabilità grave per Magento:

si consiglia di fare un upgrade all'ultima versione di php.





Ecco il testo dell'avviso:

A vulnerability has recently been discovered in PHP and we recommend Magento Commerce customers adopt changes to address the issue.

MS-ISAC has issued an alert related to multiple vulnerabilities that could allow for arbitrary code execution and a recommendation that all sites using PHP should update to the latest PHP version ASAP.


Since Magento Commerce relies on PHP, we recommend that all Merchants using Magento Commerce review necessary updates for PHP with their hosting provider. We also recommend that Merchants complete this review and any updates by September 30 in order to mitigate the vulnerability and to avoid PCI compliance issues that may go into effect as a result of these vulnerabilities at the end of the month. For those using Magento Commerce on our cloud infastructure, please find specific information on these changes here.

Per the alert, recommended patches for this vulnerability include:



Commenti