In short, we check and patch all security issues and vulnerabilities in Magento Core that we are aware of.
In details, we check current state, verify already applied patches, local overrides and install the following Magento security patches:
SUPEE-9652,SUPEE-8788,SUPEE-7405v1.1,SUPEE-7405,SUPEE-6788,SUPEE-6482,SUPEE-6285,SUPEE-5994,SUPEE-5344,SUPEE-3941 and SUPEE-3762. Additionally, we patch known RCE vulnerabilities in the following third-party extensions: EM Ajaxproducts RCE vulnerability, Cart2Quote RCE vulnerability, MD Quickview RCE vulnerability.
Verification of current store state prior to the patch installation takes more time than patch installation itself and some patches require other patches to be correctly installed already, so it is important to preserve the order and verify the correct order of already applied patches. Therefor installation cost is the same for all patches or only the latest one. If we should skip verification or installation of some specific patch(es), please mention this in the request.
Magento security patch installation process is usually completed within two-four hours:
View sample transcript of patching by our tech in action
you submit the request form and initiate the payment
we connect to your servers and verify the information and Magento state
we check for all already applied patches, extensions installed and its state
we backup all files to be patched
we disable Magento compiler (if needed)
we apply all needed security patches one by one solving any possible issues that may arise
we patch all local overrides that were skipped during patch installation
we flush PHP opcode cache (if needed)
we apply fixes for known compatibility issues that may arise after patch installation
we notify you about the process completion
In the event of unsatisfactory results (there were two such cases to the moment), we revert patched files from backup and roll back the payment transaction.