The latest release of Magento — version 2.2.6 — is out now and includes multiple bug fixes. New enhancements designed to increase the overall security of the platform include:
- 25 critical security fixes (addressing cross-site scripting and other vulnerabilities)
- 7 major performance improvements (including product indexing and improvements for multi-site)
- Updated Amazon Pay, Google Tag Manager, and dotmailer integrations
- Over 150 product quality enhancements
Further notable enhancements include:
- improved reliability of the checkout process,
- CAPTCHA improvements, and
- sales/payments improvements (including Braintree and Paypal integrations).
There are multiple other enhancements to improvements in shipping, sitemap, themes, as well as minor code and interface corrections. You can find the complete list of changes in the release notes for 2.2.6 Open Source or 2.2.6 Commerce. From Magento:
Although this release includes these security enhancements, no confirmed attacks related to these issues have occurred to date.
A minor patch is also available for Magento 2.1 — version 2.1.15 — that addresses these security concerns. For a full discussion of the vulnerabilities that have been addressed, see this discussion at the Security Center.
Do You Need Help with Your Magento Upgrade?
BCS Engineering’s certified Magento developers are standing by and ready to assist your e-commerce store with upgrading to the latest version of Magento! Our team are experts at deploying new major and minor upgrades, as well as assisting with your store’s theme, adding custom features to your store, or addressing security and performance issues. Contact us to find out how we can help with your store today!