Search Information Security site

 

Patch Drupal Web Servers ASAP

Date: 
Friday, March 30, 2018 - 08:51

Yesterday, Drupal released a patch for a widespread vulnerability in versions 6, 7 and 8. You can read more about this at Drupal’s site:

https://groups.drupal.org/security/faq-2018-002

Links to the various patches for different versions:

https://www.drupal.org/sa-core-2018-002

As Drupal vulnerabilities are well-known to the bad guys, UVa Information Security recommends that you apply these patches ASAP.

If your UVa web server is managed by ITS CACS, the patch has already been applied and you don't need to do anything.

If you have any questions, please email it-security@virginia.edu.

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form