The First Magento Patch of 2017
Magento’s first security patch of 2017, SUPEE-9652, has landed. The good news is that so far, while this patch is listed as addressing a high-risk vulnerability, it only impacts one Magento system related to outbound mail. This makes the patch a lot less intrusive than many of its recent brethren, such as SUPEE-6788, SUPEE-7405, and SUPEE-8788 .
Magento simultaneously released Magento Community version 126.96.36.199, which also updates the Magento Copyright, aside from including this newest security patch. There are also new versions of Magento 2 and Magento Enterprise editions available for merchants to upgrade to.
The Magento team has suggested that while they have not observed this particular vulnerability being used by hackers, “the risk is very high”.
As such, it’s recommended that Magento stores integrate this patch or upgrade to get the patch. As always, we recommend testing patches and upgrades in a development or staging copy of the website before implementing to your live site, just in case adverse reactions are seen.
Look For Ways To Improve Site Security
Regardless of this patch, hackers are always looking for additional vulnerabilities that they can exploit.
If you’re worried about long-term security, it’s best to request that your developers and host conduct a security audit and look for any opportunities to strengthen security. This may include upgrading server software, locking down some elements of your site that the public does not need access to, and other various tasks to keep hackers out. You can also consider getting an additional malware scanner and firewall, such as from Sucuri, SiteLock, 6Scan, Centrora, or SiteGuarding.
Secure Your Website, Then Improve Your ROI
While security updates are “cost of business”, serving to protect your website and organization, without providing any direct return on investment, there are always areas that you can look to in order to improve your ROI.
At Rand Marketing, we offer complimentary cursory audits of your search engine optimization (SEO) factors, AdWords campaigns, and social media marketing campaigns. We also offer similar free initial reviews of your loading speeds and can make recommendations to improve your conversion rate, helping to drive more traffic into sales.
Through our partners, we can also bring you great opportunities, such as a review of your site-search feature, giving feedback on the quality of searches within your site. For those looking to instill more trust with shoppers, we can provide free trials of Norton SSL’s, allowing you to showcase a Norton Trusty seal on your site to watch how it impacts your sales. We can even get you set up to collect additional Customer Experience Data above and beyond what you get through Google Analytics.
If you’re looking to improve the safety and security of your Magento site, increase quality traffic, or raise your conversion rate, please don’t hesitate to contact us.