Magento just rolled out new updates to increase its product security and functionality. The releases contain over 15 security enhancements and Magento 2.x updates that addressed image resizing and MasterCard BIN number expansion.
They strongly recommend that all merchants upgrade to these versions as soon as possible.
These releases include:
Multiple critical security enhancements. These updates help close access control bypass, CSRF, and authenticated Admin user remote code execution vulnerabilities. See Magento 2.0.14 and 2.1.7 Security Patches and SUPEE-9767 Security Patches for more information.
Support for MasterCard BIN number expansion. MasterCard recently added a new series of Bank Identification Numbers (BIN). While certain Magento versions already support the new BINs, merchants using the following versions must upgrade or apply a patch by June 30, 2017 or face potential fines from MasterCard and lost sales.
Reversion of the changes to image resizing that we introduced in Magento 2.1.6. Certain image resizing changes introduced unanticipated problems. We have reverted these changes in this release, and will provide improvements to image resizing in a future product update. See the Magento 2.1.7 Enterprise Edition Release Notes for additional information you may need when upgrading from Magento 2.1.6 or 2.1.5 to this release.
How to apply and revert Magento patches and upgrades:
- Log in to www.magento.com
- In the left pane, click Downloads.
- In the right pane, click either Magento Enterprise Edition or Magento Community Edition.
- Follow the prompts on your screen to download the update patch for your version of EE or CE.
Apply the patch as discussed in How to Apply and Revert Magento Patches.
More information is available at MasterCard BIN Range Update
OCS Hosting provides one click installation and automatic upgrades and super-fast secure hosting for Magento. Learn about our Magento ecommerce hosting and great set of tools to make your Magento store a success.