What’s New in Adobe Commerce 2.4.8: Key Updates & Features
What’s New in Notes
Adobe Commerce 2.4.8 is now available—packed with vital security fixes, next-generation platform support, and more than 500 quality fixes meant to keep your storefront fast, secure, and future-proof. Here, we’ll get into each key update, tell you why you can’t risk waiting to upgrade, and offer best practices to ensure a quick and easy upgrade.
Adobe Commerce 2.4.8 – Patch Rollout Plan & Support Timeline
Adobe releases regular patches for the Magento 2.4.8 release to keep the platform secure and running at its best. Release dates are subject to change and can be updated—make sure to check this schedule frequently to be current on upcoming deployments of patches.
| General Availability | Patches |
| April 8, 2025 | Adobe Commerce 2.4.8 – Official Release – Performance improvements – Quality enhancements – Security enhancements – Third‑party dependency updates |
| June 10, 2025 | Security patch release Applies to 2.4.8, 2.4.7, 2.4.6, and 2.4.5 |
| August 12, 2025 | Security patch release Applies to 2.4.8, 2.4.7, 2.4.6, and 2.4.5 |
Here are the End of Support Dates for the versions:
| Version | End of Support Date |
| 2.4.4 | April 2026 |
| 2.4.5 | August 2026 |
| 2.4.6 | August 2026 |
| 2.4.7 | April 2027 |
Key Highlights in Adobe Commerce 2.4.8 Release Notes
- Enhanced security in accordance with best practice today
- Compatibility for long-term support for PHP 8.4 & MariaDB 11.4
- GraphQL API improvements for faster migration to Edge Delivery
- Over 500 quality fixes in core functionality
Support extended to April 2028, allowing for peace of mind
Benefits of Upgrading to Adobe Commerce 2.4.8
Security compliance: Remain safe from newly revealed vulnerabilities (see APSB25-26)
Performance improvements: Take advantage of new PHP and database engines for improved page loading.
Support period extended to: 2.4.8 is supported through April 2028—mitigate risks.
Future‑ready: Designed for future migration to Cloud Service and Edge Delivery.
Below are the standout emhancements in this latest update:
Security
- Duo Security 2FA upgrade –
- This update further refines DUO Security 2FA in Adobe Commerce by combining the current version of the Web SDK(v4).
- Also among its new features, this update allows for a seamless migration to Duo Universal Prompt– simply input your Client ID and Secret in Admin settings.
- This update further refines DUO Security 2FA in Adobe Commerce by combining the current version of the Web SDK(v4).
- Encryption key management
- Encryption key handling is completely revamped for smoother use and fewer bugs.
- Admin UI key changes are no longer supported; you must use the CLI tools.
- Encryption key handling is completely revamped for smoother use and fewer bugs.
- One‑time password (OTP) settings
- Fixes a glitch introduced by an incompatible change in version 2.4.7.
- Clarifies the OTP Window setting and updates its default value from 1 to 29.
- Fixes a glitch introduced by an incompatible change in version 2.4.7.
Subresource Integrity (SRI) – SRI hashes now live in area‑specific folders under pub/static (adminhtml, base, frontend), so you no longer have to redeploy static files after clearing the cache.
Platform
- Cache – release includes support for Valkey 8.x.
- Database – Adobe Commerce 2.4.8 now supports MariaDB 11.4 LTS (supported through 2029) and MySQL 8.4 LTS (supported through 2032), replacing versions 10.6 and 8.0 (EOL 2026) to keep your store secure and high‑performing.
- UTF8MB4 Collation: MySQL defaults to utf8mb4 for complete Unicode support and future-proofing using MySQL 8+, in place of deprecated utf8mb3.
- Stronger Foreign‑Key Checks: MySQL 8.4 enables restrict_fk_on_non_standard_key by default—this disallows non‑unique and partial foreign keys. Disable this to preserve your current schema, or use –skip-restrict-fk-on-non-standard-key at startup.
- UTF8MB4 Collation: MySQL defaults to utf8mb4 for complete Unicode support and future-proofing using MySQL 8+, in place of deprecated utf8mb3.
- Message Queue – This update Now supports RabbitMQ 4.x— Customers Must migrate from classic mirrored queues to quorum queues for full high‑availability.
- PHP
- This update adds PHP 8.4 compatibility for Adobe Commerce
- This update removes PHP 8.1 from all Adobe Commerce project libraries, dependencies and more.
- Remove PHP 8.1 compatibility. Customers must upgrade to PHP 8.3 before upgrading to Adobe Commerce 2.4.8.
- This update, removed outdated PHP 8.1 features from the core platform and Ensure PHP 8.2 compatibility.
- Components – These third‑party components and dependencies were updated, including Composer 2.8.x, glob 11.0.0, grunt-contrib-connect 5.0.0,jQuery/Bootstrap 5.3.3,nginx 1.26,PHPUnit 10.x and others latest releases to boost the platform’s reliability and performance.
- Search – Adobe Commerce is now optimized for OpenSearch 2.19 and is no longer compatible with Elasticsearch.
Performance
Indexers: For new Adobe Commerce installations or upgrades, the indexer now defaults to “Update by Schedule.”
Product Prices: Customers can now use the /V1/products/tier-prices REST API endpoint to update large batches of tier prices quickly and reliably—no more slowdowns or site freezes.
Quality
Inventory: Removes hidden Catalog dependencies in InventoryIndexer, ensuring consistent product creation and stock status changes.
Orders: “Submit Comment” button relabeled to “Update” to reduce confusion on the Order Detail page.
GraphQL
Cart and checkout
- In order to support better pricing and discount computation, more fields were introduced to the type CartItemPrices.
- When the total on the order is zero, the checkout process will only show the “Free” payment option.
- The StoreConfig GraphQL query is able to fetch terms and conditions configuration now.
- The CartPrices type has added the grand_total_excluding_tax property.
Customers and customer groups
- Improved generateCustomerToken to show clear messages for unconfirmed emails.
- Added resendConfirmationEmail mutation for email confirmation retries.
- Introduced customerSegments query for personalization.
- Added customerGroup query for guest and customer group info.
- Enabled customer group management with new configs, allCustomerGroups query, and access to Customer.group.
- Added customer.addressesV2 with address pagination support.
Staging & Preview: Fixes scheduled update attribute clearing and cart price rule sync issues.
UI Framework: Addresses Prototype.js CVE‑2020‑27511, source map path fixes, and better file‑field validation.
Upgrade Recommendations
To maximize the benefits of Adobe Commerce 2.4.8, follow these best practices:
- Audit Your Environment
- Verify PHP, database, and RabbitMQ versions.
- Review custom extensions for PHP 8.4 compatibility.
- Verify PHP, database, and RabbitMQ versions.
- Plan & Test
- Apply the latest security patch if full upgrade must wait.
- Perform a full regression test in a staging environment.
- Benchmark performance before and after the upgrade.
- Apply the latest security patch if full upgrade must wait.
- Execute
- Update via Composer:
- Update via Composer:
composer require magento/product-community-edition=2.4.8 –no-update
composer update
bin/magento setup:upgrade
bin/magento cache:flush
- Migrate queues to quorum and rotate encryption keys via CLI.
- Validate & Monitor
- Smoke test checkout, admin workflows, and GraphQL endpoints.
- Monitor logs for deprecation warnings and errors.
- Smoke test checkout, admin workflows, and GraphQL endpoints.
FAQ’s
Q: Which system configurations are required for Magento 2.4.8?
A: Magento 2.4.8 is compatible with PHP 8.3 and 8.4, MariaDB 11.4, MySQL 8.4, and other up‑to‑date technologies. Be sure to check the complete system requirements to verify full compatibility.
Q: What are the standout features of Magento 2.4.8?
A: This release delivers advanced security enhancements, support for PHP 8.4 and MariaDB 11.4, major GraphQL API upgrades, plus more than 500 fixes and improvements across the platform.
Q: Until when will Magento 2.4.8 be supported?
A: Adobe Commerce 2.4.8 will receive updates and security patches through April 2028, ensuring ongoing protection and feature additions.
Q: What benefits will my existing store see after upgrading to Magento 2.4.8?
A: Moving to 2.4.8 gives you the latest security patches, performance boosts, and new features—keeping your store both secure and cutting‑edge.
Summary
Magento 2.4.8 delivers a powerful suite of improvements—accelerating page load times, streamlining database queries, and bolstering security defenses. Alongside these headline upgrades, you’ll find hundreds of bug fixes, stability refinements, and extended support for modern PHP and database versions. Altogether, this release makes your store faster, safer, and more resilient—setting you up for long‑term success.