Magento just release a new patch calle SUPEE-5994 with multiple critical security fixes today. It addresses issues including scenarios where attackers can gain access to your customer data. All Versions of Magento CE are impacted. We strongly recommend that you deploy this critical patch to your server immediately. More information on this can be found here.
To download the latest patches please go to the Community Edition download page.
Look for the SUPEE-5994. The patch is available for CE 1.4.1– 126.96.36.199.
Be sure to implement and test the patch in a development environment first to confirm that it works as expected before deploying it to a production site.
If you have any troubles with this don’t hesitate to contact us!