The Zend Framework vulnerability potentially allows an attacker to read any file on the web server where the Zend XMLRPC functionality is enabled. So potentially an attacker can read configuration file of your Magento installation. It is very important to apply security patches that were released by Magento yesterday.
Because Magento is a very popular website application will always exist attempts to find weaknesses inside of the code that will allow access to the core administrator features. When a Magento site is breached, it is normally because of one of the following:
You can rely on us to help you with your Magento powered website’s security. We will review and harden the security of your Magento powered website. Our audit and hardening will reduce the chances of your Magento website being hacked. We harden the security of your existing Magento website, offer advice about server set-up and best practise for your web site administrators.
As part of our Magento Security services, we will analyse your website, procedures and site usage by visitors, review your extension versions verify magento vulnerability extension list and if present we’ll advise on replacements with client’s permissions and also, we’ll recommend upgrades where they are needed.