A man wearing a blue work shirt is looking at a tablet while standing among a row of products, possibly in an electrical store or warehouse.
An overview of Magento’s most recent update, why patching just got smarter and exactly when will it be too late to do any of this before the holidays. Read on.

Today, Magento is releasing 3 new versions of their platform including patches for 2.2.x and 2.3.2 and a new 2.3.3 version. Find our breakdown of the new releases below.

Magento 2.3.3. 

2.3.3 introduces 75 critical security fixes a range of fixes and some new features focussing on performance improvements. The big reason clients should upgrade here is for the security and compliance. For European merchants this new released adds PSD2 compliance for core payment methods (for more information on that see https://community.magento.com/t5/Magento-DevBlog/3D-Secure-2-0-changes/ba-p/136460)

Performance improvements have been tackled in two ways by Magento. The first introduces the deferred loading of non-critical CSS elements helping the frontend performance of the platform. The second is through breaking up the jquery/ui library into widgets to only load the necessary pieces, increasing the performance of category, configurable product, home and checkout pages.

The technology stack support has been updated to support PHP 7.3 and also Varnish 6.2.

In addition to version updates for Amazon Pay, dotdigital, Klarna and Vertex, Magento 2.3.3 has added Yotpo as a core bundled extension allowing customers to leverage the power of Yotpo to gather User Generated Content.

Holiday Period Code Freezes

Here at absolunet we definitely recommend our clients implement a strict code freeze anywhere from 4-6 weeks out from the holiday period (blackfriday onwards). This ensures we have a stable platform for the holidays not requiring any downtime for new features, hotfixes or patches. 

For all merchants on 2.2.x we recommend updating to 2.2.10 as soon as possible to get those security fixes in prior to the holiday period while all 2.3.x clients should be looking to apply the 2.3.2-p1 security patch while reviewing the large 2.3.3 update post holidays.

The 2.2.10 update also provides support for PHP 7.2. As PHP 7.1 will be deprecrated on December 1st, this gives merchants some more breathing room to get that 2.3.3 update applied before December 31st when Magento 2.2 is being deprecated.

New Security Patching Process

In order to reduce the overall total cost of ownership (TCO) of Magento 2, Magento has released a new way for customers to maintain a secure platform, without necessarily getting all the new bells and whistles. 

Further details on the process can be found on the Magento DevBlog (https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-only-Patch-Release/ba-p/141287) but starting with Magento 2.3.2 and above (not supported for versions 2.2.x or below) security patches will be released which target only the vulnerabilities. This allows customers to maintain a secure website and their PCI compliance.

These security patches do not include addition bug fixes or new features though, so clients wanting to patch other aspects of their site will need to upgrade to the latest version.

Author: Christopher Brabender, Magento Practice Lead at Absolunet.

Want more eCommerce insight?

Receive the next publications by email.
Out of respect for your inbox, we are committed to delivering only highly-relevant content.

Please complete all fields.
Please enter a valid email address.
IDs are invalid.
Text inputs do not accept special characters.
A problem has occured. Please retry later.
Thank you, you should receive our next eCommerce publications by email.

You have Successfully Subscribed!

Perspectives eCommerce

Recevez les prochaines publications par courriel.
Par respect pour votre boîte de courriels, Absolunet s’engage s’engage à ne distribuer que du contenu hautement pertinent.

Remplissez tous les champs, s'il vous plaît.
S'il vous plaît, mettez une adresse email valide.
Les identifiants sont invalides.
Les entrées de texte n'acceptent pas les caractères spéciaux.
Un problème est survenu. Veuillez réessayer ultérieurement.
Merci, vous recevrez les prochaines perspectives eCommerce par courriel.

You have Successfully Subscribed!

Join our mailing list to receive the latest news and updates from our team.

Commencer votre projet
S’il vous plaît fournir les informations sommaires de votre projet eCommerce et nous indiquer comment vous joindre.

You have Successfully Subscribed!

Start Your Project
Please provide a basic description of your project, and tell us how to reach you.

You have Successfully Subscribed!

Get Our Internal eCommerce Brief

Be the smartest eCommerce person in the room by reading our monthly eCommerce Brief. 4 minutes well-invested.

You have Successfully Subscribed!

Recevez le rapport des perspectives eCommerce

Soyez la personne la plus à l’affût de tout ce qui touche au eCommerce en lisant notre compte-rendu mensuel. 4 minutes bien investies.

You have Successfully Subscribed!

Share This