If your website runs on the popular CMS, Drupal, you may have heard of the security exploits that caused havoc in 2014 called Drupalgeddon. Unfortunately a new series of flaws have been revealed in the past weeks and hackers are already taking advantage of unsecured sites.
Called Drupalgeddon 2.0, these flaws are a very serious threat, as you can tell by the below comment from Drupal’s website:
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.
Drupal have more information contained in this handy FAQ: https://groups.drupal.org/security/faq-2018-002
What should you do? Update your software now! Please refer to our previous article about why updating your software is a good idea. If you don’t manage your own updates or have a website developer who can help you please contact HostAway and we can discuss what options are available to you.