In all Magento versions from 1.4 to 1.7.0.1 a serious vulnerability has been found. Therefore, on July 5, Magento released a security update Magento 1.7.0.2. All Magento users are strongly advised to upgrade directly to the latest version, use the available Magento patches or implement the workaround. Take immediate action and ensure the vulnerability is fixed! Users of Magento working with a vulnerable version are strongly advised to upgrade directly to the latest version, use the Magento patch for your version, or implement the workaround.What kind of vulnerability is there in Magento?
The discovered vulnerability lies in the Zend XML-RPC functionality. Through the vulnerability, it is possible to retrieve data such as passwords and database information. All shops using Magento versions 1.4 to 1.7.0.1 are vulnerable. If you are using one of these versions, we urgently request you to fix the vulnerability immediately and upgrade to Magento version 1.7.0.2 as soon as possible, use the Magento patch for your version or implement the workaround.
Contact us for executing the necessary update(s).
