Hacker News new | past | comments | ask | show | jobs | submit login

The Drupal Security Team decided to post a PSA today reinforcing the criticality of this bug. Most of the big sites, including all the sites hosted on popular Drupal PaaS services like Acquia Cloud and Pantheon, were updated or otherwise protected promptly when the original vulnerability was released.

Many other sites were patched within hours.

However, there's a long tail of sites still running Drupal <7.32, and all those site's owners should assume, at this point, they've been compromised. As such, this PSA gives instructions for how to avert total disaster.




and by long tail we mean 75% of drupal 7 sites.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: