Recently Magento eCommerce released the Supee Patch, for both Community and Enterprise editions. This was a critical security patch which if left unattended could lead to hackers gaining access to a store. And if that was not bad enough, be able to access customers personal information.
Fortunately we have not seen many Magento South African websites effected by this (Good work system admins!)
The remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to us by Check Point Software Technologies in late January 2015. It affects both Magento Enterprise Edition and Magento Community Edition and allows attackers to obtain control over a store and its sensitive data, including personal customer information.
The patches are available, and they have an online scanner which can tell if your site has been patched or not.
Just like any CMS (WordPress or Magento) one should always maintain their sites with regular updates and security scans.
If your Magento site needs to be patched, please contact Digital Boutique and we can quickly secure these files.