Magento - Zend Framework Vulnerability - Powered by Kayako Help Desk Software

News

Jan

Posted by Lee Blakely on 14 January 2017 08:59 PM

The Magento Team has released the following accouncement about an serious vulnerability:

--- start ---

Adjust Mail Settings to Protect Your Sites
A new vulnerability has been found in a Zend Framework 1 and 2 email component . The component is used by all Magento 1 and Magento 2 software and other PHP solutions. This vulnerability is serious and can lead to a remote code execution attack if your servers use Sendmail as a mail transport agent.

Review our Magento Security Center posting to learn how you can protect your sites from this vulnerability. Until patches are available in the next several weeks, we recommend you immediately update your mail settings.

Please note that we’ve checked all Enterprise Cloud Edition sites and they are not affected by this issue.

Thank you for your immediate attention to this matter.

Best regards,
The Magento Team
© Magento 2017

--- end ---

Comments (0)

Post a new comment Reply to comment
Post a new comment Reply to comment

Full Name:
Email:
Comments:

Help Desk Software by Kayako