Adobe announced a new release for its Adobe Commerce product (formerly known as Magento Commerce). In numbers, this release includes over 370 new fixes to core code, 33 security enhancements and hundreds of other functional fixes that will repair all known issues identified in Magento 2.4.2 and bring many improvements in security, performance, and platform usability.
If you want to find out more about this release, we are here to help.
Significant security enhancements
Because certain vulnerabilities were identified that can be used to access customer data, the new release brings 33 enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) weaknesses.
These include a new Composer plugin that helps prevent dependency confusion and identifies malicious packages with the same names as internal packages on the public package repository.
Rate limiting, a feature that imposes restrictions on the size or number of resources that can be requested by a user, is now built-in to Magento APIs.
ReCaptcha coverage has been extended to include web APIs that have corresponding HTML pages and also the Place Order storefront page and payment-related web APIs. This extended coverage adds an anti-brute force mechanism to protect stores from carding attacks.
One thing to note is that merchants who are interested in installing only the time-sensitive security patches and skip the other features, can do so by installing Patch 2.4.2-p2, a security-only patch that provides fixes for vulnerabilities that have been identified in the Magento 2.4.2 release.
However, installing the security-only patches will provide security bug fixes only, not the additional security enhancements that are included in the full release, like the aforementioned rate-limiting and the extended reCaptcha coverage.
A better performing eCommerce platform
The new release will bring us a platform that comes packed with enhanced features which will help merchants tackle all complexities of modern eCommerce.
The new feature from PayPal, PayPal Pay Later allows shoppers to choose the option of short-term, interest-free payments and other special financing options that they can use to buy the product and pay later while merchants get paid up front.
The new Adobe Commerce 2.4.3 is steadily stepping towards taking full advantage of Artificial Intelligence. The Live Search function, which combines the power of Adobe Sensei and commerce data submitted by merchants, will help shoppers get more relevant search results, thus creating a more personalized shopping experience. At the same time, Live Search will act as a reporting tool which in turn will help merchants understand what products are preferred by their customers and push them on their stores.
Creating high quality content is now easier than ever thanks to the seamless integration with Adobe Stock, which provides access to millions of photos, vectors and other media assets. Adobe Stock can now be configured to be available in the Magento Admin workspace.
For those who want to create high quality app-like shopping experiences via mobile and desktop devices, this new version works seamlessly with the latest version of PWA Studio and Venia.
We always love to talk about eCommerce so if you need information about our products and services, we are here to help.
The marriage between Magento and GraphQL to provide an alternative to REST and SOAP web APIs for frontend development has been going strong for some time now, and this new release adds GraphQL support for Shared catalogs, moving items from wish lists to shopping carts, various tasks for Gift registries, negotiable quotes and routing requests on product, category, and CMS pages.
With the 2.4.3 release, merchants will also benefit from having an improved Magento B2B module, updated to version 1.3.2. There are various new features, and the highlights include the option to send automated emails to expired and soon-to-expire negotiable quotes and the possibility for company users to edit and update customer custom attribute values. Also, administrators with restricted accounts that include only website-level privileges can now create a company that uses a different currency than the website.
Indexation time for Product Price and Catalog Rule indexers was decreased and merchants have the option to exclude a website from a customer group or shared catalog to reduce the number of records for indexing.
The cloud managed services received updates too, and Adobe Commerce now offers certified support for AWS ElastiCache, AWS ElasticSearch, and AWS Managed Queues (Rabbit MQ).
Validation has been improved to prevent the upload oAt the same time, vendor developed extensions like Braintree, dotdigital Engagement Cloud, Klarna, Vertex Cloud, Yotpo Product Reviews have been improved and this release contains all updates for compatibility. Amazon Pay has been deprecated and will be removed in a later Magento 2.4.x release.
The new release focuses on bringing Adobe Commerce closer to full compatibility with PHP8, so core Composer dependencies, the KnockoutJS library and the Laminas library have been upgraded to the latest versions, compatible with PHP8. At the same time, Magento 2.4.3 has been tested and confirmed to be compatible with Redis 6.0.12.
Apart from the mentioned enhancements the recent release fixed hundreds of issues in the Magento 2.4.3 core code.
If you want to know more about our list of services at Clever++, please visit our website.