Detailing Adobe Commerce 2.4.7 security patches

1 month ago
adobe commerce

The latest Adobe Commerce 2.4.7 security patch release notes offer a thorough overview of updates aimed at enhancing the security of your Adobe Commerce setup. Here’s a summary of the critical aspects covered:

Key Updates

1. Security Bug Fixes: Comprehensive corrections addressing identified security vulnerabilities.

2. Security Highlights: Detailed explanations of enhancements and updates included in the security patch.

3. Known Issues: List of any known problems that users might encounter.

4. Additional Patches: Instructions for applying any required additional patches.

5. Hot Fixes: Information on any urgent fixes included in the release.

Adobe Commerce 2.4.7 -p1

The Adobe Commerce security release targets a range of security vulnerabilities found in earlier versions of 2.4.7. This critical update provides essential security bug fixes to safeguard your deployment.

For the latest details on these security bug fixes, please refer to Adobe Security Bulletin APSB24-40.

Security Highlight Adobe Commerce New Version

A significant update in this release is the revision of the one-time password (OTP) settings for Google Authenticator. This adjustment addresses an error caused by a backward-incompatible change in version 2.4.7. The description for the OTP Window field has been corrected, and the default value has been changed from 1 to 29.


Adobe Commerce 2.4.7-p1 also resolves an issue that arose during the migration of UPS integration from SOAP to REST API. This problem affected customers shipping outside of the US, preventing the use of Metric System/SI measurements such as kilograms and centimeters for packages when creating shipments with UPS. For more details, refer to the knowledge base article on the UPS shipping method integration migration from SOAP to RESTful API.

This is the essence of the new Adobe Commerce security patch release!