Security patches and upgrades are released from time to time to ensure swift operation and security from any attacks. Magento released a patch for the SQL injection attack that is named PRODSECBUG-2198. Generally, issues require some kind of admin access if they are being exploited but SQL injection attack does not require this and hence can be exploited without any authentication. Though hackers cannot write into Magento but they can read data like encrypted admin passwords. These passwords can be cracked by hackers while gaining access to a Magento store. This blog tells the importance of the SQL injection patch and briefs about applying the patch.
Disclaimer: The above article has been aggregated by a computer program and summarised by an eCommerce specialist. You can read the original article at Lexiconn