+61 8 9249 3646

Drupalgeddon 2.0: Why is the sequel always worse?

Drupalgeddon 2.0: Why is the sequel always worse?

If your website runs on the popular CMS, Drupal, you may have heard of the security exploits that caused havoc in 2014 called Drupalgeddon. Unfortunately a new series of flaws have been revealed in the past weeks and hackers are already taking advantage of unsecured sites.

Called Drupalgeddon 2.0, these flaws are a very serious threat, as you can tell by the below comment from Drupal’s website:

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

Drupal have more information contained in this handy FAQ: https://groups.drupal.org/security/faq-2018-002

What should you do? Update your software now! Please refer to our previous article about why updating your software is a good idea. If you don’t manage your own updates or have a website developer who can help you please contact HostAway and we can discuss what options are available to you.