Drupal 7 compromised

Dear Reader,

In case you are using Drupal 7 (!) please read this: https://www.drupal.org/security

And for our beloved commentator, Smiles, this is an attempt to bore you to death, as promised here.

Drupal is a content management system, software that helps one publishing online. Drupal is free and open source software and very popular, according to Wikipedia at least 2.1% of all websites worldwide use it including WhiteHouse.gov and data.gov.uk.

At one point I had considered using it too. But for Diablog, Drupal is too bloated with features and more difficult than for example WordPress.

Now I am happy we did not use it. Because according to the Drupal team, every Drupal 7 installation, that was not updated prior to October 15, is almost certainly compromised. And compromised means, someone has taken over the server and copied all data. Within less than 24 hours after a security hole and the fix were published, servers running Drupal 7 were hacked automatically.

Drupal 7 users now have to find a two week old backup, erase all data and programs on the server, re-install all software, upload the backup, and – the most tiresome – re-write everything from October 15. The poor people lost two weeks of work, what a nightmare.

Stay sane and safe,

Engine Room

6 thoughts on “Drupal 7 compromised

  1. If I didn’t know better I would say that ER is smoking something suspicious.

    ER, have you ever thought of writing a book, it would take your mind off trawling the net to find info that none of us understand.

    What happened to women & cars ???? Smiles, Glynsky & myself like them. We don’t understand either, but that doesn’t matter, they look good.

Comments are closed.