The Drupal security team has sent out a “highly critical” alert: “A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.”

Updating to the latest version of Drupal 7.x or Drupal 8.x is the only way to avoid your site being compromised. There are no other ways to mitigate the discovered issues.

There is an FAQ page with a little more information on the Drupal website.

Like

Feeling social? Share this with friends and colleagues...

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on skype
Skype
Share on whatsapp
WhatsApp
Share on email
Email