PROACTIVE SECURITY WITH MAGEREPORT.COM
Installing Magento Patches
Magento recently launched several patches to correct vulnerabilities in the system. It is recommended that you upgrade your store to the latest version of Magento, and install any security-related patches as soon as they become available.
Make sure to stop by our Magento Security Center, and sign up for the Security Alert Registry to receive direct notification from our security team of any emerging issues and solutions.
Because of the variation in hosting environments and access to the server, there is no “one size fits all” way to install a patch. This article describes three methods to install a patch, and also how to revert a patch.
If your hosting provider doesn’t provide SSH access to the server, try one of the other methods. Although the focus of this article is on security patches, the same methods can be used to install any Magento patch.
Step 1: Back Up Your Magento Installation
Always back up your Magento installation before installing a patch. To learn more, see: Creating a Backup
Step 2: Download the Patch
To download the recommended patches for your version of Magento Community Edition, visit the Magentodownload page.
Step 3: Disable the Compiler
If your store is compiled, make sure to disable compilation before installing a patch. After installing a patch, test the store thoroughly. Then, run the compiler again. Your store must be recompiled for the patch to take effect.
Step 4: Install the Patch
Referance:
http://docs.magento.com/m1/ce/user_guide/magento/installing-magento-patches.html