On Tuesday, July 28, Magento Commerce and Magento Open Source 2.4 will be released with General Availability. This release will include important updates to security, quality, and platform technologies along with several new capabilities.
Additionally, on the same date, Magento will also release the Security-only patch, 2.3.5-p2, providing Magento Merchants with another layer of security, designed to protect merchants from security breaches and online fraud.
Highlights for Magento 2.4 General Availability update:
Substantial security enhancements
Over 30 security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities. Including default enabled Two-factor authentication (2FA).
Platform upgrades and Removals
The following platform upgrades help enhance Magento website security and performance. Magento introduced support for PHP 7.4, PHPUnit 9.x, Elasticsearch 7.6.x, MySQL 8.0, MariaDB 10.4, etc. Including removals, MySQL catalog search engine, core integration of the Signifyd fraud protection code, the core Braintree module, and more.
With this update, Magento improved the overall quality of the Framework as well as these modules; Customer Account, Catalog, CMS, Import, Cart and Checkout, and B2B.
Improvements to customer data section invalidation logic, multiple optimizations to Redis performance, improved caching of results of SQL queries to inventory tables, improvement of up to 25-30% to Quick Order add-to-cart performance, use of lazy loading to load images, etc.
Adobe Stock Integration v2.0
Ability to license stock image previews from the Media Gallery, saving a tremendous amount of time for Merchants as they can now easily license stock preview images.
There is much more in the Magento 2.4 updates, including new media gallery, page builder now supports PHP 7.4, inventory management enhancements, GraphQL enhancements, order approval workflow feature for B2B, vendor-developed extension enhancements, fixed issues, etc.
You can learn more here: devdocs.magento.com