SUPEE-8788, Enterprise Edition 1.14.3 and Community Edition 1.9.3 address Zend framework and payment vulnerabilities, ensure sessions are invalidated after a user logs out, and make several other security enhancements that are detailed below.

Information on additional functional enhancements available the new 1.14.3 and 1.9.3 releases is available in the Enterprise Edition and Community Edition release notes.

Patches and upgrades are available for the following Magento versions:

Enterprise Edition 1.9.0.0-1.14.2.4: SUPEE-8788 or upgrade to Enterprise Edition 1.14.3

Community Edition 1.5.0.1-1.9.2.4: SUPEE-8788 or upgrade to Community Edition 1.9.3

To download a patch or release, choose from the following options:

Partners:

Enterprise Edition 1.14.3 Partner Portal > Magento Enterprise Edition > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x > Version 1.x Releases > Version 1.14.3 SUPEE-8788 Partner Portal > Magento Enterprise Edition > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x > Support and Security Patches > Security Patches > Security Patches – October 2016

Enterprise Edition Merchants:

Enterprise Edition 1.14.3 My Account > Downloads Tab > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x > Version

1.x Releases > Version 1.14.3 SUPEE-8788 My Account > Downloads Tab > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x > Support and Security Patches > Security Patches > Security Patches – October 2016

Community Edition Merchants: