Michael D.
Posted November 1, 2014

Hello,

This only specifically concerns users that are running Drupal [not everyone, generally you would know], but the security implications of not keeping a piece of software up to date apply to everything, such as WordPress, Joomla, etc.

Drupal has announced that if you did not patch the Drupal vulnerability announced/patched October 15, 2014 within 7 hours of the patch being released, then more than likely you were already hacked/compromised. We've found numerous accounts on our network that are up to date, but the patches were applied after the sites were compromised initially. Here is Drupal's formal announcement stating this as well: Drupal Core - Highly Critical - Public Service announcement - PSA-2014-003, and here is the original vulnerability patch announcement: SA-CORE-2014-005 - Drupal core - SQL injection.

If you are running Drupal, regardless of whether you've been upgraded or not, you should check your account for unauthorized modifications. Looking in the core folder for Drupal, we've more often than not seen scripts such as "view.php", "graph.php", "document.php", etc. These are files that are not actually a part of Drupal and are malicious, and in many cases we have also found other malicious files distributed through affected accounts at the same date/time.

Understand these are not server-level issues and there is relatively little we could do as a provider to protect you from this. We try to make it clear in our Terms of Service and on our company forums that keeping all software installations up to date is very important for account security. While this notice is specifically about Drupal, the advice does apply to all third-party scripts installed within your account.

This isn't to cause you distress or trouble but simply to help you keep your account secure against malicious third parties.

For more details on this specific Drupal vulnerability please see the following links:

Drupal Core - Highly Critical - Public Service announcement - PSA-2014-003
SA-CORE-2014-005 - Drupal core - SQL injection
Drupal warns unless you patched within seven hours, you're hacked
Millions of websites hit by Drupal hack attack
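An added example, not part of the original post or of Drupal itself: one way to run the check described above, listing PHP files in the core tree that a clean release does not ship, then finding other files changed at about the same time. The manifest subset, the sample tree, its timestamps and all function names are constructed for illustration; in practice the manifest is built from a clean download of the same Drupal version.

```python
import os
import tempfile
from pathlib import Path

# Constructed subset; build the real set from a clean copy of the same release.
CLEAN_MANIFEST = {"index.php", "cron.php", "includes/database/database.inc"}

def walk_files(root):
    """Yield (relative_path, mtime) for every regular file under root."""
    for p in Path(root).rglob("*"):
        if p.is_file():
            yield p.relative_to(root).as_posix(), p.stat().st_mtime

def find_unexpected_php(root, manifest, skip_prefixes=("sites/",)):
    """PHP files outside sites/ (site-specific code) that the clean release lacks."""
    return sorted(
        rel for rel, _ in walk_files(root)
        if rel.endswith(".php") and rel not in manifest
        and not rel.startswith(skip_prefixes))

def modified_near(root, suspects, window=300):
    """Other files whose mtime is within `window` seconds of any suspect file."""
    # mtime can be reset by whoever wrote the file: an empty result proves nothing.
    files = dict(walk_files(root))
    times = [files[s] for s in suspects]
    return sorted(
        rel for rel, mtime in files.items()
        if rel not in suspects and any(abs(mtime - t) <= window for t in times))

def build_demo_tree():
    """Constructed sample: three core files, two rogue scripts, one dropped file."""
    root = tempfile.mkdtemp(prefix="drupal-demo-")
    install, dropped = 1400000000, 1413400000  # constructed timestamps
    layout = {
        "index.php": install, "cron.php": install,
        "includes/database/database.inc": install,
        "view.php": dropped, "modules/graph.php": dropped + 20,
        "sites/default/files/upload.dat": dropped + 45,
    }
    for rel, mtime in layout.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text("constructed sample\n")
        os.utime(path, (mtime, mtime))
    return root

if __name__ == "__main__":
    root = build_demo_tree()
    rogue = find_unexpected_php(root, CLEAN_MANIFEST)
    print("not in clean release:", rogue)
    print("changed at the same time:", modified_near(root, rogue))
```

Files flagged by either function are candidates for review against a clean copy, not proof of compromise or of a clean account.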