MyCERT Advisories, Alerts and Summaries for the year 2017
MA-669.062017: MyCERT Advisory – Drupal Releases Security Updates
Date first published: 23/6/2017
Drupal is a popular content management system that is free and open source. Drupal has released an advisory to address several vulnerabilities in Drupal versions 7.x and 8.x.
A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
3.0 Affected Versions
• Drupal core 7.x versions prior to 7.56
• Drupal core 8.x versions prior to 8.3.4
Users and administrators are recommended to do necessary updates by following either of these instructions below:
• If the site is running Drupal 7.x, upgrade to Drupal core 7.56
• If the site is running Drupal 8.x, upgrade to Drupal core 8.3.4
Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
Phone: 1-300-88-2999 (monitored during business hours)
Fax: +603 89453442
Mobile: +60 19 2665850 (24x7 call incident reporting)
SMS: CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours: Mon - Fri 09:00 -18:00 MYT