Why to Install New Magento Patch Bundle SUPEE 8788?

The New Security patch SUPEE-8788 — The Magento team has recently released the security patch SUPEE-8788 to address the Zend Framework and Payment vulnerabilities. It includes 17 APPSEC updates to provide protection against security threats like

• Remote Code Execution in checkout
• SQL Injection/Improper validation
• Cross-site Scripting in invitations
• Information leakage
• Insufficient data protection
• Remote Code Execution in admin
• Full page cache Poisoning
• Cross-site Scripting in URL processing
• Cross-site Scripting in Categories Management
• Denial of Services
• Cross-site scripting in Flash file uploader
• Filter avoidance
• Cross-site Request Forgery in several forms
• CSRF on removing item from Wishlist or Address Book
• Insufficient Session Expiration
• Lack of certificate validation and Timing attack.

This security patch makes sure that once the user is logged out from his account, it makes sure that the sessions has been invalidated. Along with this, all the above stated security issues has been addressed with the solutions which are long lasting. Continue Reading ……………………