
Thread: Using Drupal 7 - READ THIS

  1. #1
    Web Guru Marc J's Avatar
    Join Date
    Feb 2007
    Location
    Edinburgh
    Posts
    3,340

    Default Using Drupal 7 - READ THIS

    *IMPORTANT* - Drupal version 7 vulnerable to compromise. Update REQUIRED.

    If you have Drupal version 7 installed on your website you need to take immediate action, otherwise your website could be compromised and defaced, deleted, used to send spam or launch attacks against others.

    Drupal is a Content Management System (CMS) similar to WordPress, which many people have installed to manage their websites. It isn't installed by default, so if you're not familiar with it, then it's likely you do not have it installed.

    You can check if you have Drupal by visiting http://<your site>/?q=user - if this shows a login screen, then you have Drupal. If not, then you're in the clear and you can ignore this message.

    If you have Drupal installed, you need to check the version. Look for a file called "CHANGELOG.txt" in your web root directory (also check any add-on domains' directories). The first line of this file should tell you what version is installed - e.g. "Drupal 7.28, 2014-05-08"

    If the line shows "Drupal 6." - then you do NOT need to update it.
    If the line shows "Drupal 7." - then you DO need to update it.

    Drupal versions 7.00 through to 7.31 are vulnerable to attack. Only the latest version 7.32 is safe.

    If your host is using auto install / update scripts like Softaculous in cPanel then you can visit the Softaculous panel in cPanel to install an update.

    Otherwise, for help on updating Drupal, see this URL : https://www.drupal.org/node/1223018

    If you have a web developer, ask for their help in updating.

    More info: -

    https://www.drupal.org/SA-CORE-2014-005
    http://www.theregister.co.uk/2014/10...sql_injection/
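
Added example, not part of the original post: a shell script for the CHANGELOG.txt check described in post #1, run over a web root and any add-on domain directories beneath it. The function names, status labels and search depth are assumptions of this example; the version thresholds (7.0 through 7.31 vulnerable, 7.32 fixed) are the ones given in the post.

```shell
#!/bin/sh
# Added example (not from the thread): classify Drupal installs by CHANGELOG.txt.
# Thresholds are the post's: 7.0 through 7.31 vulnerable, 7.32 fixed.

# Print the first "Drupal X.Y" version in a CHANGELOG.txt (empty if none).
drupal_version() {
    sed -n 's/^Drupal \([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' "$1" | head -n 1
}

# Map "X.Y" to a status label (labels are this example's own names).
classify_version() {
    case "$1" in
        ''|*[!0-9.]*|*.*.*|.*|*.) echo "UNKNOWN"; return 0 ;;
        *.*) ;;
        *) echo "UNKNOWN"; return 0 ;;
    esac
    cv_major=${1%%.*}
    # Strip leading zeros so "7.08" or "7.00" compare as plain decimals.
    cv_minor=$(printf '%s' "${1#*.}" | sed 's/^0*//')
    cv_minor=${cv_minor:-0}
    if [ "$cv_major" -ne 7 ]; then
        echo "NOT_DRUPAL7"        # e.g. 6.x: the post says no update needed
    elif [ "$cv_minor" -le 31 ]; then
        echo "VULNERABLE"         # 7.0 through 7.31
    else
        echo "FIXED_VERSION"      # 7.32 or later
    fi
}

# Report every CHANGELOG.txt under a directory (web root, add-on domains).
# Depth 3 is an assumption; other software also ships a CHANGELOG.txt, and
# those files show up as UNKNOWN because they carry no "Drupal X.Y" line.
scan_root() {
    find "$1" -maxdepth 3 -type f -name CHANGELOG.txt 2>/dev/null |
    while IFS= read -r sr_file; do
        sr_ver=$(drupal_version "$sr_file")
        printf '%s\t%s\t%s\n' "$(classify_version "$sr_ver")" "${sr_ver:-?}" "$sr_file"
    done
}

# Usage: sh check_drupal.sh /path/to/public_html
if [ "$#" -gt 0 ]; then
    scan_root "$1"
fi
```

A FIXED_VERSION result only describes the files on disk at the time of the check; it says nothing about when the update was applied or who applied it.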

  2. #2
    Web Guru Marc J's Avatar
    Join Date
    Feb 2007
    Location
    Edinburgh
    Posts
    3,340

    Default

    I just checked a few random MDD member sites and there's at least one (who may be on a cruise ship at the moment) who is using Drupal and is not patched against this exploit...

    Check your websites!

  3. #3
    Web Guru Marc J's Avatar
    Join Date
    Feb 2007
    Location
    Edinburgh
    Posts
    3,340

    Default

    UPDATE: https://www.drupal.org/PSA-2014-003

    Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.
    So, if you weren't patched by Oct 15th, 11pm GMT (16 hours before I posted the OP) you should assume you were hacked. Worse, simply applying the patch does not fix backdoors that the attacker may have introduced.

    Even if it seems like you were patched, check with your web developer / host, and make sure it was them who applied the patch and that it was done before the cut-off time above, as some attackers actually applied the patch in order to make sure they were the only ones in control of the site / server.
    Last edited by Marc J; 01-11-2014 at 04:17 PM.
