2015 » Visualwebs

Magento security patches April 2015

Today all Magento users are getting an alert on backend. It advices to apply 2 security patches for fix new vulnerabilities on Magento. Is advised to apply asap before hacker´s community would receive news about this so my recommendation is don´t play with the security of your business.

The patches required are SUPEE-1533 and SUPEE-5344

https://www.magentocommerce.com/products/downloads/magento

Every patch checks first if your server has the required software, if you don´t have the ‘patch’ utility you need to install on your server,

yum install patch

in case of CentOS.

Just upload patches to root installation and run :

bash PATCH_SUPEE-1533_EE_1.12.x_v1-2015-02-10-08-19-16.sh;
bash PATCH_SUPEE-5345_CE_1.7.0.2_v1-2015-02-10-08-11-22.sh;

Example for Magento 1.7.2 Version

We applied these security patches in some installations, for our main Magento store and for some client´s sites. Notice every version of Magento has different patch version, so be sure don´t make a mistake and download wrong files.

In our case we applied every patch and make a git commit so we can roll back in case of issues.

Enjoy a healthy security.

I am not responsible for loss of data by using the comments of this blog. Make a backup of your system before you try any instructions in this post.

April 18, 2015

Windows

Repair corrupted user in Windows 8

Recently I had an strange issue with windows 8 apps. Every time I start system all apps were closing unexpectedly.
After explain this problem in Windows community I noticed is a quite frequently issue. Support team person Germán Torres sent me some advices:

1. Execute
wsreset.exe
from command line
2. Execute these following commands as administrator (cli) :

DISM.exe /Online /Cleanup-image /Restorehealth

Sfc /Scannow

Powershell -ExecutionPolicy Unrestricted Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\WinStore\AppxManifest.XML

3. Run this dyagnostic tool for repair windows apps

http://go.microsoft.com/fwlink/p/?LinkId=268423

Log on as user ‘temp’ account.
Open the My Documents folder by clicking the Start button, and then clicking Computer. Double-click the hard disk drive that Windows is installed on (it’s usually your C: drive), double-click Users, double-click the folder with the name of your account, and then double-click My Documents.
Click the Tools menu, and then click Folder Options. If you don’t see the Tools menu, press Alt.
Click the View tab, and then click Show hidden files, folders, and drives.
Clear the Hide protected operating system files check box, click Yes to confirm, and then click OK.
Locate the C:\Users\Old Username folder, where C is the drive that Windows is installed on, and Old_Username is the name of the profile you want to copy files from. In my case the destination is C:\Users\Francisco.
Select all of the files and folders in this folder, except the following files:
- Ntuser.dat
- Ntuser.dat.log
- Ntuser.ini
Click the Edit menu, and then click Copy.If you don’t see the Edit menu, press Alt.
Locate the C:\Users\>New_Username folder, where C is the drive that Windows is installed on, and New_Username is the name of the new user profile you created. In my case the destination is C:\Users\Francisco2.
Click the Edit menu, and then click Paste. If you don’t see the Edit menu, press Alt.Important * If the system asks to overwrite any file, answer ‘No’.

Log off, and then log back on as the new user.

If you have e‑mail messages in an e‑mail program, you must import your e‑mail messages and addresses to the new user profile before you delete the old profile.

Test along some days the new account and when everything is ok you can delete the old profile (‘Francisco’) as well ‘temp’

I am not responsible for loss of data by using the comments of this blog. Make a backup of your system before you try any instructions in this post.

March 10, 2015