Magento 2.4.1-Release note (Things you need to know!)

12 Nov 2020
It is important for a store in the e-commerce race that their website is always up to date and provided with the latest trends. Recently, Magento has released a new version Magento 2.4.1. This brings many benefits to Magento merchants as well as their customers. In this release, we can see many security improvements with lots of support. Check out this updated version to fully understand its benefits!

Magento 2.4.1- Release note:

Magento Open Source 2.4.1 

Magento Commerce 2.4.1

In Magento 2.4.1 version, we can see performance improvement and security enhancement, especially for B2B feature set. Security improvements include the SameSite attribute for cookies and the Order shop frontage page. 

Additionally, CAPTCHA protection has been introduced for billing and order-related API endpoints. B2B innovations focus on supporting order processes, shipping methods, logging Admin actions, and better security.

Core code is significantly improved with over 150 bug fixes and 15 security enhancements. Almost 300 GitHub issues uploaded by members of Magento community have been resolved.

Outstanding features of Magento Open Source 2.4.1:

Magento Security-only Patch 2.4.0.1

This version allows you to install a time-sensitive security fix without applying numbers of functional fixes and include the hotfixes applied to Magento 2.4.0. Moreover, the security-only patch 2.4.0.1 to fix the vulnerabilities identified in the previous quarterly release.

Security enhancement

Substantial security enhancement

Include more than 15 security fixes to close cross-site scripting (XSS) vulnerabilities and remote code execution (RCE).

 Besides, Magento 2.4.1 also requires the add-on CAPTCHA safeguard to assist:

  •  Place order storefront page and REST and GraphQL endpoints 

  • Payment-related REST and GraphQL endpoints.

With support of the SameSite cookie attribute, Google Chrome implementation of the new cookie classification system will be approved.

Otherways, the advanced Magento Scan Tool allows the merchants to get real-time insights into the security rate of their site via proactive detection of malware and reduction of false positives.

Infrastructure Improvements

This Magento 2.4.1 release allows the store users to clear the contents of their shopping cart in a single action as well as improved quality of the Framework: 

  • Customer Account

  • Catalog

  • CMS

  • OMS

  • Import/Export

  • Promotions and Targeting

  • Cart and Checkout

  • Staging and Preview

Performance improvement

  • Reducing the size of network transfer between Magento and Redis.

  • Improved messenger queue consumer performance

  • Enhancement in the execution time for the commands of bin/Magento.

Magento Captcha

New Media Gallery

This version enabled New Media Gallery for admin, therefore, merchants have performed the following actions in the Media Gallery:

  • Enable to delete bulk images.

  • Optimize Media storage by unused images of the storefront and detecting duplicate images

  • Filter images by the storefront area

  • Enhanced view metadata from the images, 

  • Edit image metadata

  • Search for images by metadata

GraphQL

This release adds GraphQL coverage for the following features:

  • Product reviews: Allow customers and guests to write product reviews as well as retrieve the history of their product review.

  • Gift option: Allow customers and guests to add a gift message to their order.

  • Order history: Customers can view details about their order histories, including invoices, shipping, and refunds.

  • Allow stored payment methods for logged in customers as well as support for wishlists in the Magento Open Source version.

  • Enhanced management of customer accounts.

PWA Studio

Magento 2.4.1 introduces new features and enhancements for PWA Studio.

  • Updates to the Venia style guide for design tokens, page layouts, core components, and typography.

  • Enhanced Venia mini-cart experience and much more…

Apart from these, the Magento 2.4.1 release includes the Adobe Stock Integration v2.1.0., Magento Functional Testing Framework 3.1.0, and fixed issues in the Magento 2.4.1 core code

Fixed Issues

In Magento 2.4.1, there are hundreds of fixes of issues in the core code of Magento. You can find the fixtures in these fields:

  • Installation, Upgrade, Deployment

  • Adobe Stock

  • Bundle Products

  • Cache

  • Cart and Checkout

  • Catalog

  • Cleanup

  • CMS content

  • Configurable Products

  • Cookies

  • Cron

  • CSS

  • Customer

  • Directory

  • Downloadable

  • Email

  • Frameworks

Latest Magento Commerce 2.4.1 release consists of:

  • Enhanced Page Builder that full-screen mode for easier editing of content and consistent experience editing content across the admin.

  • Shopping cart improvements for B2B buyers.

  • Improved B2B Shipping methods

  • Introduces new admin features in Magento Commerce 2.4.1 version.

Why should e-commerce stores put security first?

In online retail, trust is important and your customers need to feel confident that you will protect their data. If a customer is not comfortable visiting your store and sharing their payment details with you, your business will suffer.

Magento mistake

Personal data and payment information at risk

There is more than 250.000 Magento store in the world and this makes Magento one of popular eCommerce platforms as well as the target for hackers.

As technology develops, hackers’ attach tricks are more and more sophisticated. Instead of identifying a single victim, they target widely used technology and hits hundred of websites. This can provide a wide range of automation and a high chance of success. 

The common Magento security mistakes

Missing HTTPS by default

In fact, some websites are vulnerable to attach while being active and receiving orders. The reason for this security flaw is that most of them don’t use HTTPS by default, as a result, the attacker can steal credit card information easily.

Exposed admin panels  

The displayed admin panels are a common Magento security bug. Although this isn’t a serious error, the exposed admin panels will make it easy for hackers to attach and try to access your website.

Third-party applications 

Insecure third-party applications are another source of vulnerability. As well as, the most common error is using third-party apps- some plugin or modules that are often useful and extend Magento applications but they haven’t checked yet. These modules aren’t sometimes supported and no security updates.

How to keep your store safe

Make sure the platform is up-to-date

When vulnerabilities are discovered, they are quickly fixed in the last Magento version, that is the reason why you need to keep you up to date.

Implement a long-term security strategy 

Increased security awareness has helped people understand the value of the security, and as a result, businesses are willing to invest hundreds of billions of dollars in security services. Any system is vulnerable so security never stops growing. And what you need to do is to do regular internal audits, reviews, and tests on your site, something many companies forget.

Yeah, this is what is fully improved with detailed information about the latest Magento 2.4.1 version. Besides, make sure you have the experience and proficiency to upgrade your Magento 2 store to the latest Magento 2.4.1 version as the upgrade process can be risky. The safe way to upgrade your Magento 2 store to the latest version of Magento 2.4.1 is to get help from the experts.

What are you thinking about this version, please comment below!

Thanks!





Related Posts

Why do Magento websites need PWA?

Why do Magento websites need PWA?

23 Jul 2020
In order to succeed in business, what businesses need to pay attention to is that Magento e-commerce stores to reach potential customers with shopping habits on mobile devices. However, there are many solutions to attract mobile users such as creating feedback websites, building native or hybrid applications and developing Progressive Web Applications - PWA in Magento 2 seem to be the hottest trend. Let's find out what this technology can bring and how we can apply it to existing Magento stores.
Magento 2.3.4: What you need to note (Release notes)

Magento 2.3.4: What you need to note (Release notes)

27 Apr 2020
After launching Magento 2.3.3, most developers are looking forward to the next release in 2020. What’s new in the latest version of the Magento open-source that developers need to note
Some new features on Magento 2.3

Some new features on Magento 2.3

30 May 2018
Magento version 2.3 brings some features to improve UI, UX, and performance. For example, it has a friendly page builder and able to asynchronous API. Besides, Magento 2.3 provides a feature which is MSI - Multi Source Inventory that allows store owners to use function multi-stock on many locations.
Review: Ask Me Anything Event For Magento 2 Technical Team

Review: Ask Me Anything Event For Magento 2 Technical Team

13 Feb 2015
AmA means Ask Me Anything event for Magento 2 Developers happened on Thur, Feb 5, 2015. Have you heard about this big discussion? If not, it is right time to start right away reviewing some key points about Magento 2 in this event.