Many of the largest hosting companies that specialize in provisioning environments for the Drupal CMS are reporting in on the real threat of this latest vulnerability. Commercial Progression is a partner with Acquia, one of the internet’s largest Drupal hosts, their advice is simple…
Actions to take
You should upgrade your site to Drupal 7.32. This ensures that all security vulnerabilities are closed.
When security patch SA-CORE-2014-005 was released on Wednesday of this week, Commercial Progression immediately applied this patch for our customers covered by a DrupalCare PRO-ACTIVE support plan.
Another large host, Pantheon, specializing in Drupal hosting reported the following observation.
This is not a drill: black-hat scripters from sketchy domains are working through lists of known Drupal websites probing for exploits. If you have not patched all your sites, stop reading and do it right now.
Read the Pantheon Blog Post Here
If you would like to receive PRO-ACTIVE update support from future exploits like the one resolved by SA-CORE-2014-005, contact us today and we can help you choose a plan that is appropriate for your business.