Drupal 7 will reach end-of-life in November of 2021

Drupal 7 was first released in January 2011. In November 2021, after over a decade, Drupal 7 will reach end of life (EOL). Official community support for version 7 will end, along with support provided by the Drupal Association on Drupal.org. This means that automated testing services for Drupal 7 will be shut down, and there will be no more updates provided by the Drupal Security Team. When this...
Read More

Drupal hotfix 7.63 released on 17th January 2019

A hotfix release for an issue affecting some Drupal (Drush) installations was introduced by yesterday's fix for SA-CORE-2019-002 has been released by the Drupal development team. Download Size md5 hash drupal-7.63.tar.gz 3.15 MB 926f05ef0acadfa4ea75fd1d94c8489c drupal-7.63.zip 3.65 MB 466faca7b39a760bebdb7be99d6a658c If you continue to experience issues with Drush following this update, try the...
Read More

Multiple vulnerabilities patched in October 17th Drupal Core update

It's been a while since the last Drupal Core update was released (back in April) but it's now time, once again, to install a Drupal Core update to keep your Drupal websites secure. The following issues with Drupal Core have been patched, and are included in yesterday's update: In some conditions, content moderation fails to check a users access to use certain transitions, leading to an access...
Read More

Drupal admins: Another critical security update is coming for Drupal on Wednesday

Once again, the developers of Drupal are releasing an emergency patch for a critical vulnerability in the popular CMS. The critical security advisory issued on Monday indicates another patch will be released between 16:00 - 18:00 UTC on April 25th, 2018. Specific details of the vulnerability the patch will correct are unclear, as the developers have not provided any hints of the nature of the...
Read More

Drupal developers advise that websites not updated to Drupal 7.58 (or 8.5.1) by Wednesday, 11th April 2018 may have been hacked

Following the remote code execution vulnerability discovered in all versions of Drupal released prior to 28th March 2018, and patched in Drupal 7.58 and Drupal 8.5.1, may have been hacked if they have not been updated to Drupal 7.58 (or 8.5.1) by Wednesday, 11th April 2018, may have been hacked after the Drupal security team became aware of automated attacks attempting to compromise Drupal 7...
Read More

Drupal security team have issued a “highly critical” alert – Drupal website owners should upgrade immediately

The Drupal security team has sent out a "highly critical" alert: "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised." Updating to the latest version of Drupal 7.x or Drupal 8.x is the only way to avoid your...
Read More
important-information-about-the-security-of-websites-running-drupal-version-757-or-below-or-drupal.png

Important information about the security of websites running Drupal 7.57 or below or Drupal 8.5 or below.

This post contains important, time sensitive information about the security of your website if you're running Drupal version 7.57 or below or Drupal 8.5 or below. If you're an O'Brien Media client with a Drupal website you'll probably be familiar with the periodic Drupal update emails we send out regarding how important it is to keep up to date with security patches and other updates for your...
Read More