Adobe spared no effort in Adobe Commerce (Magento) version 2.4.5, as it is a significant upgrade from its previous version in terms of security, performance, and overall platform experiences, for Merchants and their customers.
Magento 2.4.5 includes 400+ quality fixes and enhancements, including 20 Security Fixes, and hundreds of core code issues were fixed.
Adobe Commerce introduces improvements to platform quality, payment methods, GraphQL caching performance, and accessibility. Magento 2.4.5 includes updates to integrated Google modules and the Upgrade Compatibility Tool and introduces Live Search B2B support.
Let’s dive in…
Adobe Commerce (Magento) 2.4.5 Security Enhancements
This release includes 20 security fixes and platform security improvements. This security fix has been backported to Adobe Commerce 2.4.3-p3 and Adobe Commerce 2.3.7-p4.
There have been no confirmed attacks related to these issues to date; However, particular vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. Most of these issues require an attacker first to obtain access to the Admin. As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts:
- IP allowlisting
- Two-factor authentication
- Use of a VPN
- Use of a unique location rather than /admin
- Good password hygiene
Adobe Commerce (Magento) 2.4.5 Additional Security Enhancements
Security improvements for this release improve compliance with the latest security best practices, including:
- reCAPTCHA support has been added to the Wish List Sharing, Create New Customer Account and Gift Card forms.
- ACL resources have been added to the Inventory.
- Inventory template security has been enhanced.
- The MaliciousCode filter has been upgraded to use the HtmlPurifier library.
Adobe Commerce (Magento) 2.4.5 Platform enhancements
- DHL integration schema updated from v6.0 to v6.2
- Support from Composer 2.2, TinyMCE 5.10.2, and jQueryUI 1.13.1.
- Upgrade of twenty composer dependencies
- Upgrade all outdated JS libs to the latest version in Adobe Commerce 2.4.5.
Adobe Commerce (Magento) 2.4.5 GraphQL Performance Enhancements
- Faster rebuilding of unified storefront GraphQL schema on deployment.
- GraphQL API capability to consume the authorization token expiration date/time.
- Allows disabling the session cookies for all GraphQL operations completely.
- Session usage has been removed from the HTTP header.
Adobe Commerce (Magento) 2.4.5 Payments Updates
- Apple Pay is now available for all merchants.
- PayPal Pay later is now available for merchants in Spain and Italy.
- Removed Braintree KNOUNT fraud protection from Adobe Commerce 2.4.5 codebase.
- The option “Always request 3DS” has been added for all Braintree payments.
- Store admin can preview PayPal Credit card & Pay Later buttons in the backend.
Adobe Commerce (Magento) 2.4.5 PWA Studio Updates
- PWA Studio v.12.5.x is now fully compatible with Adobe Commerce 2.4.5 release.
- Store admins can deploy a service such as Google Tag Manager from the admins only.
- PWA Studio storefronts collect the customer’s behavior for the web analytics services through eventing.
Adobe Commerce (Magento) 2.4.5 Key Updates Overview
- Changing the Admin URL no longer throws an exception.
- The cart total for a bundle product is calculated correctly when the Product Subselect rule is applied.
- Issues related to Adobe Stock sign-out fixed.
- Single login is now valid for multiple store views for shoppers with global account sharing.
- Admin Action Log report issues fixed.
- Correct price for the configurable products is displayed on the product page after changing its quantity.
- System emails work efficiently with an email address that contains “-”.
- An error will be displayed on the shipping page if the customer provides an invalid email.
- Admins can now set the session size to 0 from the backend, no longer logging out the admin.
- Admin will now be able to translate the title of the “Show Password” checkbox on all appropriate pages.
- The name of customers is now displayed correctly when the order is placed by a ‘guest’ using PayPal.
- Product filtering by color in layered navigation now works efficiently.
- Lengthy name text is now wrapped.
- Payment Information credit card option text elements or images of text now meet the WCAG 2.0 required minimum color contrast ratio of 4.5:1 for standard text of 18pt (24px) or 14pt (19px) is bolded. Previously, they did not meet the expected contrast ratio.
- Magento Open Source now correctly calculates the cart total for a bundle product when the Product Subselect rule is applied.
Version 2.4.5 of Adobe Commerce is set to deliver enhanced experiences and capabilities for Merchants, Magento Developers, and Consumers.
If you want to read the full Adobe Commerce 2.4.5 release notes, check out the resources linked below.