Skip to main content
Contact Us Contact Us
Free Sign-Up Sign-Up
Ready to Upgrade? Ready to Upgrade?
Video Icon Training Videos
Home
Menu

Latest

  • Learn how you can upgrade your site to CWB 3.0.

 
  • Help Center
    • Getting Started
      • How Does it Work?
      • What's Included
      • Sign-up
      • Site Examples
      • Best Practice
      • Free to Use Images and Icons
      • Private Sites
      • FAQ
      • Accessibility Platform
      • Launch Promotions
      • Website Security
    • Support
      • Contact Us
      • Training Videos
      • User Manual
      • Webform Style Guide
      • SSL Certificates
      • CWB Versions
      • Custom Block Components
      • Style Guide
      • After Hours Support
      • Disaster Recovery
  • Services
    • Design Solutions
    • Website Packages
    • Request A Quote
  • Default Pages
    • Demo Homepage
    • Touchstone Energy Cooperatives
    • Co-op Connections Savings
    • Touchstone Energy Savings
    • Safety Quiz
  • News
  • Subscribe

Critical Drupal Security Patch

Critical Drupal Security Patch
Thursday | March 29, 2018

Good morning Co-op Web Builder enthusiasts. We have an update about a recent high risk security notice that came directly from the Drupal community. A week ago, Drupal.org released information regarding a critical security risk present in all versions of the popular content management system. The initial posting came with a promise that a fix would be available one week later. Yesterday evening marked the day Drupal.org would release the full details of the security risk and provide a solution. Luckily, we got wind of the patches a little earlier than anticipated and got to work on your sites immediately.

We wanted you to know that our team was able to patch all Co-op Web Builder servers within an hour of the release. This includes all CWB 2, CWB 2.5 and CWB 3 sites.

The information below comes directly from the FAQ published by Drupal’s Security team. The link to the PSA (on Drupal.org) is at the very bottom of this article if you would like to read more about it.

As always, if you have any questions at all, please reach out to us at coopwebbuilder@nreca.coop any time you wish.


How many sites are likely affected?

Drupal 8, 7, and 6 sites are affected. According to the Drupal project usage information this represents over one million sites or about 9% of sites that are running a known CMS according to Builtwith.

How dangerous is this issue?

Drupal security advisories include a risk score based on the NIST Common Misuse Scoring System. This helps give an objective sense of the risk of different issues. The risk of SA-CORE-2018-002 is scored 21/25 ( Highly Critical) 

What is the security threat's potential?

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

If you would like to read more about the recent PSA, you can do so at Drupal.org.

Drupal Game of Thrones
Back to Top

Have questions about

your dream project?

Get A Quote View Site Examples

Start receiving communications from us whenever we have upcoming training opportunities or important news to share with you.

Subscribe

Follow Us Online

Quick Links

  • Contact Us
  • Sign up
  • Site Examples
  • Training Videos
  • Best Practice

©2025 Co-op Web Builder. All Rights Reserved.

  • Help Center
    • Getting Started
      • How Does it Work?
      • What's Included
      • Sign-up
      • Site Examples
      • Best Practice
      • Free to Use Images and Icons
      • Private Sites
      • FAQ
      • Accessibility Platform
      • Launch Promotions
      • Website Security
    • Support
      • Contact Us
      • Training Videos
      • User Manual
      • Webform Style Guide
      • SSL Certificates
      • CWB Versions
      • Custom Block Components
      • Style Guide
      • After Hours Support
      • Disaster Recovery
  • Services
    • Design Solutions
    • Website Packages
    • Request A Quote
  • Default Pages
    • Demo Homepage
    • Touchstone Energy Cooperatives
    • Co-op Connections Savings
    • Touchstone Energy Savings
    • Safety Quiz
  • News
  • Subscribe