Wednesday, November 5, 2014

Drupal - Whew!

When you read news like this--about a complete compromise of a content management system like Drupal--you have to be grateful someone else is handling your web site:
Drupal websites that had not patched seven hours after the disclosure on a "highly critical" SQL injection (SQLi) hole disclosed on 15 October are essentially hosed, the content management tool's developers say.
Source: The Register's DRUPAL-OPCALYPSE! 
If you did not update your site within seven hours of the bug being announced, we consider it likely your site was already compromised," the team noted in asecurity announcement. Source: CMS Wire
How many folks does this affect?
Drupal powers about 2.7 percent of the world's websites, behind only WordPress (47 percent) and Joomla (10.5 percent), according to BuiltWith, a website profiler tool. BuiltWith estimates 266,556 websites are currently using Drupal 7.
What to do next...if you were hacked.

View my Flipboard Magazine.
Make Donations via PayPal below:

Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure

No comments:

The Courage to Lead