If you are running your website using the Drupal content management system then you should pay attention. There is a serious flaw in Drupal versions 7 and 8 that will allow an attacker to compromise your web site. Below is the security advisory from the Drupal Security Team.

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

The security team has written an FAQ about this issue.

 

If you need assistance contact this IT professional at john@panolatech.com.