Security Update:Drupal has released a HIGHLY CRITICAL security advisory to address multiple vulnerabilities in Drupal 7.x and 8.5.x
Date and Time
Drupal has released a HIGHLY CRITICAL security advisory to address multiple vulnerabilities in Drupal 7.x and 8.5.x.
Advanced Users: For the full Public Announcement refer to:
- Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002 at: https://www.drupal.org/sa-core-2018-002
- Drupal 8.x- and 7.x
WHAT'S THE PROBLEM?
If exploited, this vulnerability may allow an attacker completely take over the site.
WHAT DO YOU NEED TO DO?
Install the latest version:
- If you use Drupal 8.5.x, upgrade to Drupal Core 8.5.1 at https://www.drupal.org/project/drupal/releases/8.5.1
- If you use Drupal 7.x, upgrade to Drupal Core 7.58 at https://www.drupal.org/project/drupal/releases/7.58
- IT Security - http://it.ucsf.edu/security