Security Alert: Drupal Publishes Second Major Security Patch in 30 Days

Updated:
Websites running the popular Drupal CMS system are under attack as a new vulnerability was published Wednesday. If you use Drupal for any of your web properties, you need to update now.

DrupalWednesday, the Drupal Security team announced patches for the SA-CORE-2018-004 security vulnerability.  Drupal is one of the most popular Content Management Systems on the planet owing to its large development community and open source base.  The U.S. Department of Energy, The Beatles, Turner BroadcastingMajor League Soccer, and Tesla Motors are just a few of the many sites powered by the Drupal platform.

Last Month, on March 28, 2018, the Drupal Security team announced SA-CORE-2018-002, a major security flaw that allowed hackers to execute remote code on any site running Drupal that hadn’t been patched.  Wednesday’s SA-CORE-2018-004 is related to the previous one, being another way to exploit the same vulnerability that was patched in 002.  The Drupal Security team has released patches for both vulnerabilities.

If you are running a site on the Drupal platform, it is highly recommended that you patch both of these vulnerabilities right away because hackers are already using these vulnerabilities to attack thousands of Drupal-powered websites.

Whatever platform you use to run your site or blog, it is critical that you pay attention to security vulnerabilities every day, or that you have a web developer that monitors this for you.  Hackers took less than 6 hours to start exploiting thousands of websites.

Justia offers premium website, blogging, and online marketing solutions for law firms. We have an unparalleled record in helping law firms grow. Regardless of whether you are just starting your online marketing efforts or have a fully developed website and blog, we have solutions to help propel you to the next level. In addition to our website and blog services, we also help clients with content, lawyer directory services, social media, local SEO, and paid advertising. Contact us for more information, or call us at (888) 587-8421.