Security News > 2020 > June > Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life and support on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and Magento Open Source 1.

"If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance," Adobe warned.

Merchants that continue to use an unsupported Magento 1 version will have to implement compensating controls to re-certify PCI DSS compliance, such as signing up for and implementing third-party fixes and updates, continuously scanning their installations for malware, vulnerabilities and unauthorized accounts, using a web application firewall, and so on.

"We encourage Magento 1 merchants to download the Magento 1 extensions they plan to keep, since Magento 1 extensions will not be available in the Magento Marketplace after July 7, 2020, and will be removed from the Magento repository after August 6, 2020," Adobe noted last week.

PayPal, Visa and other payment processing companies and payment platforms have also been urging merchants to make the switch to Magento 2.Even though Magento 2 was released five years ago and even though the migration from Magento 1 to Magento 2 can be performed by using an official Data Migration Tool the number of Magento 2 installations is still lagging.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/SKPqvu1wICY/