Drupal 7 will reach end-of-life in November of 2021

Drupal 7 was first released in January 2011. In November 2021, after over a decade, Drupal 7 will reach end of life (EOL). Official community support for version 7 will end, along with support provided by the Drupal Association on Drupal.org. This means that automated testing services for Drupal 7 will be shut down, and there will be no more updates provided by the Drupal Security Team. When this...
Read More

Drupal hotfix 7.63 released on 17th January 2019

A hotfix release for an issue affecting some Drupal (Drush) installations was introduced by yesterday's fix for SA-CORE-2019-002 has been released by the Drupal development team. Download Size md5 hash drupal-7.63.tar.gz 3.15 MB 926f05ef0acadfa4ea75fd1d94c8489c drupal-7.63.zip 3.65 MB 466faca7b39a760bebdb7be99d6a658c If you continue to experience issues with Drush following this update, try the...
Read More
upgrade-today-critical-vulnerability-in-phpmailer-affects-wordpress-drupal-websites.jpeg

Drupal 7.62 – Security update released on 16th January 2019

The Drupal development team have released a maintenance and security release of the Drupal 7 series. This release fixes security vulnerabilities. Customers using Drupal 7 are urged to upgrade immediately after reading the notes below and the security announcement: Drupal Core - Third-party libraries - SA-CORE-2019-001 Drupal Core - Remote code execution - SA-CORE-2019-002 No other fixes are...
Read More

Drupal admins: Another critical security update is coming for Drupal on Wednesday

Once again, the developers of Drupal are releasing an emergency patch for a critical vulnerability in the popular CMS. The critical security advisory issued on Monday indicates another patch will be released between 16:00 - 18:00 UTC on April 25th, 2018. Specific details of the vulnerability the patch will correct are unclear, as the developers have not provided any hints of the nature of the...
Read More

Drupal developers advise that websites not updated to Drupal 7.58 (or 8.5.1) by Wednesday, 11th April 2018 may have been hacked

Following the remote code execution vulnerability discovered in all versions of Drupal released prior to 28th March 2018, and patched in Drupal 7.58 and Drupal 8.5.1, may have been hacked if they have not been updated to Drupal 7.58 (or 8.5.1) by Wednesday, 11th April 2018, may have been hacked after the Drupal security team became aware of automated attacks attempting to compromise Drupal 7...
Read More

Drupal security team have issued a “highly critical” alert – Drupal website owners should upgrade immediately

The Drupal security team has sent out a "highly critical" alert: "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised." Updating to the latest version of Drupal 7.x or Drupal 8.x is the only way to avoid your...
Read More
important-information-about-the-security-of-websites-running-drupal-version-757-or-below-or-drupal.png

Important information about the security of websites running Drupal 7.57 or below or Drupal 8.5 or below.

This post contains important, time sensitive information about the security of your website if you're running Drupal version 7.57 or below or Drupal 8.5 or below. If you're an O'Brien Media client with a Drupal website you'll probably be familiar with the periodic Drupal update emails we send out regarding how important it is to keep up to date with security patches and other updates for your...
Read More
drupal-757-drupal-845-critical-security-update-for-drupal-websites-upgrade-today.jpg

Drupal 7.57 and Drupal 8.4.5 – Critical security update for Drupal websites – upgrade today

Critical security updates for Drupal (Drupal 8 version 8.4.5 and Drupal 7 version 7.57) have been released and it is essential that any websites using earlier Drupal versions are upgraded as soon as possible to keep them secure and prevent hacks and unauthorised access, including information disclosure, content tampering,...
Read More
drupal-757-drupal-845-critical-security-update-for-drupal-websites-upgrade-today.jpg

Drupal 7.56 and Drupal 8.3.4 – Security updates now available

Security releases for Drupal (Drupal 8 version 8.3.4 and Drupal 7 version 7.56) which contain fixes for security vulnerabilities are now available and it's advisable that any websites using earlier Drupal versions are upgraded as soon as possible to keep them secure and prevent hacks and unauthorised access, including information disclosure. We can upgrade...
Read More
what-are-the-long-term-effects-of-not-updating-website-software-like-drupal-wordpress.jpg

What are the long-term effects of not updating website software like Drupal and WordPress?

Previously, we've covered why it's essential to keep your WordPress website, plugins and themes up to date and the same rules apply to sites running any content management system (Drupal, Zencart, Joomla!, etc) but what if you don't? What, aside from the security implications, are there for your website?  First of all, you're going to have to...
Read More