1 (888) 997-2457 Chat Status Login
We can help you. Right now.
Fast growing merchants depend on JetRails for high-stakes hosting. Experience counts. Let's get started.
Your message has been received, a representative will be contacting you shortly. if you have an emergency, please call us at 1 (888) 997-2457 or email us at [email protected]









Call us at:1 (888) 997-2457

Magento Releases SUPEE-11086, CE 1.9.4.1, EE 1.14.4.1, and M2 versions 2.1.17 and 2.2.8

March 29, 2019
Magento Security
Robert Rand
Director of Partnerships & Alliances

Robert is a Magento 1 & 2 Solution Specialist with over a decade of experience in helping merchants benefit from sound ecommerce and digital marketing strategies. He’s highly experienced at harnessing the power of ecommerce technologies and solutions to help businesses of all types and sizes grow and succeed.

Magento has released security updates for all supported versions of Magento. These include the release of the SUPEE-11086 patch for Magento 1, alongside incremental version upgrades for Magento 1 & 2, which include:

– Magento Community Edition (Open Source) 1.9.4.1

– Magento Enterprise Edition (Commerce) 1.14.4.1

– Magento Open Source (CE) and Commerce (EE) 2.1.17

– Magento Open Source (CE) and Commerce (EE) 2.2.8

Magento Open Source (CE) and Commerce (EE) 2.3.1

You can find links to download updates for your specific version of Magento here and an update to the SUPEE-11086 patch here.

These security updates patch specific instances of several types of vulnerabilities such as:

– Cross-site scripting

– Both arbitrary and remote code execution

– Sensitive data disclosure

– SQL injections

– Cross-site request forgery

– Data manipulation due to improper validation

– Admin credentials being logged in exception reports

– Unauthorized access to order lists

At this time, Magento is not aware of any of these security holes being exploited; however, these vulnerabilities are now known. It’s important to update your sites as soon as possible.

Other recent updates include a Magento patch for Authorize.net SHA-512.

Whether patching or updating your website, please be sure to test your site in a development and/or staging server, prior to pushing out the changes to your live website.

Additionally, if you’re still on Magento 1, Magento 2.1, or 2.2, please be aware that these versions of Magento have known end of life dates when Magento will stop issuing support patches and version updates. It’s recommended that you plan an upgrade to Magento 2.3.x accordingly.

More Articles
Top International Marketplaces to Expand Your E-Commerce Business Globally
View Article
Which USA Marketplaces are Most Likely to Drive eCommerce Success?
View Article
14 Questions to Ask Before Hiring a Magento Agency
View Article