A critical bug has been found in Drupal… Are you up-to-date?
On 03/18/2015, Drupal announced that an important and critical bug, which was given the original nickname SA-CORE-2015-001, has been found in both Drupal 6 and Drupal 7, and therefore recommends that all users immediately upgrade to version 6.35 or 7.35.
The bug would allow hackers to access user accounts on the CMS, without knowing the correct password, by sending false password e-mails. If a user reacts to such an e-mail, a hacker could take full or partial control of the website, with all the ensuing consequences.
Drupal therefore recommends:
- To make a backup of your current installation
- To upgrade ASAP to the de latest version
- In the meantime, not to click any links in e-mails that you may receive to reset your Drupal password