Important Magento 1.x and 2.x Security Updates June 2017

The releases contain over 15 security enhancements and Magento 2.x updates that also address image resizing and MasterCard BIN number expansion. We strongly recommend that all merchants upgrade to these versions as soon as is reasonably possible.

These releases include following enhancements.

Multiple critical security enhancements

These updates help close access control bypass, CSRF, and authenticated Admin user remote code execution vulnerabilities. See Magento 2.0.14 and 2.1.7 Security Patches and SUPEE-9767 Security Patches for more information.

Support for MasterCard BIN number expansion

MasterCard recently added a new series of Bank Identification Numbers (BIN). While certain Magento versions already support the new BINs, merchants using the following versions must upgrade or apply a patch by June 30, 2017 or face potential fines from MasterCard and lost sales.

  • Enterprise Edition 2.1.2 or earlier
  • All Enterprise Edition 2.0.x releases
  • All Enterprise Edition 1.14.2.x releases or earlier
  • All Community Edition 1.9.2.x releases or earlier

Reversion of the changes to image resizing

Certain image resizing changes introduced unanticipated problems. We have reverted these changes in this release, and will provide improvements to image resizing in a future product update. See the Magento 2.1.7 Enterprise Edition Release Notes for additional information you may need when upgrading from Magento 2.1.6 or 2.1.5 to this release.

Download Magento releases, patches and tools here


Pay one time and get free update & 1-year free support with free and paid extensions for latest Magento version.

Go to contentsBack to previous page