There was a new serious Drupal vulnerability (SA-CORE-2015-002) announced recently, which has the potential to cause us a whole lot of disruption. Drupal has released updates to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to gain access to a system account, including an administrator’s.
Versions affected are as follows :-
- Drupal core 6.x versions prior to 6.36
- Drupal core 7.x versions prior to 7.38
For more details, please go through the updates available here :- https://www.drupal.org/SA-CORE-2015-002
What you have to do ?
You need to update the Drupal version to the latest available version as mentioned follows :-
- If you use Drupal 6.x, upgrade to Drupal core 6.36
- If you use Drupal 7.x, upgrade to Drupal core 7.38
We always advice our clients to use the latest version of CMS and scripts on their website to be safe.
Please feel free to contact our support helpdesk in case you have any queries.