A number of vulnerable Drupal modules are expected to be patched by the end of today. The complete list has not yet been released, as no patches are currently available.

Customers are encouraged to update Drupal sites as soon as possible. If you require a managed update - open a support ticket and we will update your site for a small fixed fee, immediately after modules are released. Generally this would only cost $10, depending on the complexity of your site. 

Drupal core is not effected.  

It is expected exploits will be written and released online within the following hours / days, so please update as soon as possible! 

View online: https://www.drupal.org/node/2764899

* Advisory ID: DRUPAL-PSA-2016-001
* Project: Drupal contributed modules
* Version: 7.x
* Date: 2016-July-12
* Security risk: 22/25 ( Highly Critical)
AC:None/A:None/CI:All/II:All/E:Theoretical/TD:All [1]
* Vulnerability: Arbitrary PHP code execution

Wednesday, July 13, 2016

« Back