According to announce sent on new security
patch SUPEE-6482 is available for installation to cover several potential threats, one of which is critical:
The article describes patch installation process via shell / SSH console.
If you have no SSH access to apply the patch, you can simply
upgrade your installation to Magento 22.214.171.124 version which includes all the latest security patches (SUPEE-5344,SUPEE-5994, SUPEE-6285,SUPEE-6482). If Magento upgrade is not possible in the moment due to some reason you still can apply the patch via FTP/sFTP upload as shown in this article.
If you wish to save time and have us to
install these patches for you, simply
click here to order installation.
Step 0: Preparations
Make sure to Disable Magento CompilerSystem > Tools > Compilation and clear compiled cache.
Step 1: Verify your Magento version
As you can see in the example, it is Magento 126.96.36.199
Step 2: Download corresponding patches
Patches are obtained from https://www.magentocommerce.com/products/downloads/magento/
Make sure to get the right version.
Step 3: Place patches into Magento Root directory
Upload your files into Magento root directory.
Step 4: Run the patches
Step 5: Verification and flush of PHP opcode cache
Verify patch status at our patch tester page.
Test that your store is working. If you use PHP opcode caches (APC/XCache/eAccelerator) make sure to flush it after patching (or restart webserver), otherwise code will continue to run from caches.
Additionally, if your store still using default /admin/ path, you may consider securing your Magento /admin/ by admin path change and restrict access to