Drupal 7.31 and 6.33 released

Drupal Upgrade

Drupal’s latest releases, Drupal 7.31 and Drupal 6.33, are out! These are critical maintenance releases which contain fixes for security vulnerabilities. See the Drupal 7.31 and Drupal 6.33 release notes for further information.

The Drupal security team strongly recommends all websites upgrade their Drupal core to the latest version. According to the team’s announcement:

“Drupal 6 and Drupal 7 include an XML-RPC endpoint which is publicly available (xmlrpc.php). The PHP XML parser used by this XML-RPC endpoint is vulnerable to an XML entity expansion attack and other related XML payload attacks which can cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections. Any of these may lead to the site becoming unavailable or unresponsive (denial of service). All Drupal sites are vulnerable to this attack whether XML-RPC is used or not.”

Your website is your home for online business, so when you know that there are serious security issues don’t you have to fix it? We think you need to protect your website and business. As a website development company, we understand how much time and money is invested in building a website, which is why we ask our clients to keep up to date with their website software.

Find out how our expert Drupal website maintenance team can help protect your website! Get in touch with us today!

Call Drupal Geeks @ 312-340-7112 or send an email to [email protected]