Magento Critical Security Update

This incident has been resolved.

We are continuing to monitor for any further issues.

Adobe has released a critical security update for Magento. Exploitation of the underlying vulnerability could lead to arbitrary code execution. Store owners are encouraged to apply the security update by upgrading their Magento version as soon as possible. The security update applies to the following Magento Open Source versions:
- 2.4.7-beta3 and earlier
- 2.4.6-p4 and earlier
- 2.4.5-p6 and earlier
- 2.4.4-p7 and earlier

To secure your Magento store, upgrade your Magento version as follows:
- Upgrade to Magento Open Source version 2.4.7 if currently running versions 2.4.7-beta3 and earlier
- Upgrade to Magento Open Source version 2.4.6-p5 if currently running versions 2.4.6-p4 and earlier
- Upgrade to Magento Open Source version 2.4.5-p7 if currently running versions 2.4.5-p6 and earlier
- Upgrade to Magento Open Source version 2.4.4-p8 if currently running versions 2.4.4-p7 and earlier

The vulnerability also affects Adobe Commerce customers. You may review the Adobe security bulletin in full here:
https://helpx.adobe.com/security/products/magento/apsb24-18.html

Our support team is on standby if you need any help or have questions or concerns. You can connect with us through the following channels:

- Live Chat via Customer Portal: https://my.nexcess.net/
- Email: support@nexcess.net
- Phone: 1-866-639-2377, 1-313-279-0722 (international).