Highly Critical Drupal Vulnerability

Highly Critical Drupal Vulnerability

DearBytesAlertsHighly Critical Drupal Vulnerability

What is going on?

A new highly critical vulnerability has been found in the popular CMS Drupal. This vulnerability could allow an attacker to take over a website. The vulnerability has been fixed within the latest version of the software. The impact of the attack would mean remote control of the vulnerable systems. DearBytes expects that criminals will soon launch a large scale attack that would automatically exploit and infect vulnerable websites. For this reason, we advise to upgrade immediately to the latest Drupal version as soon as possible.

For more information please refer to the Drupal FAQ website

Who does this apply to?

This security issue identified as CVE-2018-7600 applies to all maintained versions of Drupal. This include Drupal 8,7 and 6.

What can you do?

Even though there are possibilities to mitigate this vulnerability applying some important configuration changes, The Drupal Security Team strongly recommended to install the security patch.