Magento® SUPEE-10415 Patch

On 11/28/2017, an update was released for Magento Commerce and Magento Open Source that closes several critical security vulnerabilities.

The update includes several security enhancements that help close cross-site request forgery (CSRF), denial of service (DoS), and authenticated admin user remote code execution (RCE). These releases also include a fix for previous customers who experienced issues caused by SOAP v1 interactions in WSDL.

It is recommended that affected stores apply the security patch:

Magento Commerce 1.9.0.0-1.14.3.7: SUPEE-10415 or upgrade to Magento Commerce 1.14.3.7
Magento Open Source 1.5.0.0-1.9.3.7: SUPEE-10415 or upgrade to Magento Open Source 1.9.3.7

Read also the article: Apply Magento security patch.