Protection against critical Drupal security bug SA-CORE-2018-002

Posted March 28th, 2018 in Tech Corner. Tags: .

The authors of the Drupal CMS software today announced a “highly critical” Drupal security bug (SA-CORE-2018-002).

This vulnerability is likely to be widely exploited soon. If you use Drupal 6, 7 or 8 without updating it, your site will be compromised (taken over by “hackers”).

To protect our customers who have installed Drupal, we have “patched” the vulnerable files on every copy of Drupal on our servers, blocking the attacks that we expect to see in the future. We used these patches:

So our customers are protected against this particular problem. But that doesn’t mean you shouldn’t upgrade Drupal: older versions also have other security bugs. If you’ve installed the Drupal software on your site, please make absolutely sure you’ve upgraded to the latest version today.

  1. Recent Posts

    1. PHP versions 8.2.17 and 8.3.4
    2. President’s Day 2024 holiday hours
    3. PHP versions 8.1.27 and 8.2.15
    4. Martin Luther King, Jr. Day 2024 holiday hours
    5. New Year’s 2024 Holiday Hours
    6. Christmas 2023 Holiday Hours
    7. Brief scheduled maintenance December 16-17, 2023
    8. Thanksgiving 2023 Holiday Hours
    9. PHP versions 8.1.25 and 8.2.12
    10. PHP versions 8.1.24 and 8.2.11

  2. Categories

  3. Tags

    all servers email holiday hours linux mailman maintenance mod_security mysql network php phpmyadmin security server updates spam ssl status updates webmail wordpress zapp

  4. Feeds