?? Adobe Commerce 2.4.7 Security Patch Updates: What You Need to Know Attention #AdobeCommerce and #MagentoOpenSource users: the new 2.4.7 security patches (2.4.7-p1 and 2.4.7-p2) are here, and they’re crucial for safeguarding your #eCommerce platform. These releases address multiple vulnerabilities, bolster platform stability, and ensure ongoing PCI compliance. Key Highlights: ?? Rate limiting for one-time passwords — The following new system configuration options are now available to enable rate limiting on two-factor authentication (2FA) one-time password (OTP) validation: Retry attempt limit for Two-Factor Authentication and Two-Factor Authentication lockout time (seconds). ?? Encryption key rotation — A new CLI command is now available for changing your encryption key. ?? Fix for?CVE-2020-27511 — Resolves a Prototype.js security vulnerability. ?? Fix for?CVE-2024-39397 — Resolves a remote code execution security vulnerability. This vulnerability affects merchants using the Apache web server for on-premises or self-hosted deployments. This fix is also available as an isolated patch. To view the full list of updates, you can click here: https://lnkd.in/emnvvkpR If you have any questions about this update or what it means for your store, you can contact our experts immediately here: https://lnkd.in/exigcHwg
