A security alert has been released for DRUPAL web sites. Drupal is one of the top 3 CMS (content management systems) for websites. These vulnerabilities have not been found in Joomla and WordPress (the other top 2 CMS’s). One of the issue vulnerabilities are found in the update process and allow hackers to upload “poisoned” content to the server or even take over the server. This means that a hacker can change the content on the websites running, including malicious content that could be downloaded by site visitors.
This vulnerability was posted earlier this month at http://blog.ioactive.com/2016/01/drupal-insecure-update-process.html. We have not seen a fix to this vulnerability as of two weeks later.
If your website is running on a Drupal server and you’ve been thinking about a website update, now is the time to give us a call! Give us a call to learn about WordPress and why switching may be the right thing for you!