April was a hectic month for us here at Media Lounge, with almost half a dozen patches released to tackle a security flaw in the Magento platform.
We worked long and hard to make sure all our clients were protected from the bug as soon as it was possible, and we didn’t have any clients fall victim to it.
However, six months on it’s been revealed how more than 170,000 Magento Shops are still vulnerable to the bug.
The bug first came to light in April, when security researchers from Check Point identified a critical vulnerability in Magento, the online e-commerce platform which we use to build sites for our clients to host their online stores.
The vulnerability was dubbed Shoplift but was quickly patched, with eBay (which owns the license for Magento) going on to dedicate more time to improving the platform’s security since.
However, three days after the initial Shoplift patch was released a Dutch hosting company decided to conduct some research and track how many websites on its database had applied the initial Shoplift security update. Shockingly it found that only 8,336 sites had adopted the fix.
At that point that meant 75,353 websites hosted by the company and using the Magento platform were still left unprotected.
Six months after the company expanded its database and has again carried out the same research – with even more shocking results. Despite the fact six months have elapsed since the patch was released it found that 80 percent of the Magento sites it hosts are still unpatched.
With the company currently tracking 216,934 websites, 173,547 Magento shops are still unpatched.
So why are so many stores still unpatched? The chances are these stores use the free edition of Magento and don’t employ experienced Magento eCommerce developers like ours at Media Lounge.
So if you’re running a Magento store, or are interested in getting one, and are worried about security implications, why not get in touch with us today?