Search Information Security site


Patch Drupal Web Servers ASAP

Friday, March 30, 2018 - 08:51

Yesterday, Drupal released a patch for a widespread vulnerability in versions 6, 7 and 8. You can read more about this at Drupal’s site:

Links to the various patches for different versions:

As Drupal vulnerabilities are well-known to the bad guys, UVa Information Security recommends that you apply these patches ASAP.

If your UVa web server is managed by ITS CACS, the patch has already been applied and you don't need to do anything.

If you have any questions, please email

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form