Magento Security Patches

SUPEE-9767, Enterprise Edition and Community Edition address several security issues.


Before applying the patch or upgrading to the latest release, make sure to disable Symlinks setting in System > Configuration > Advanced > Developer > Enable Symlinks. The setting, if enabled, will override configuration file setting and changing it will require direct database modification.


Magento received reports that customer registration after checkout might fail if option to ‘Enable Form Key Validation On Checkout’ is enabled. This results in customers not being registered, but checking out as guests. Magento is working on updated version of the patch. As a workaround, disabling the ‘Enable Form Key Validation On Checkout’ option will revert the incorrect behavior. More information from the Magento community is available here.

Disabling option “Allow Symlinks” can break some deployment workflows. There are known issues when using modman with symlinks. More information can be found here.

After installing a new version or patching your store, make sure to clear and refresh the cache.

To have Nerdster install this patch to your site please click Here

Leave a Reply