Dear Customer,

Greetings from HostGator India!

This is to inform you regarding the recent Security advisory released by Drupal. A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.


Solution:

Upgrade to the most recent version of Drupal 7 or 8 core.

If you are running 7.x, upgrade to Drupal 7.59.
If you are running 8.5.x, upgrade to Drupal 8.5.3.

If you are unable to update immediately, or if you are running a Drupal distribution that does not yet include this security release, you can attempt to apply the patch below to fix the vulnerability until you are able to update completely:

Patch for Drupal 8.x (8.5.x and below)
Patch for Drupal 7.x
These patches will only work if your site already has the fix from SA-CORE-2018-002 applied. (If your site does not have that fix, it may already be compromised.)

Refer the link given below to update Drupal.

---
Drupal 7: https://www.drupal.org/docs/7/update/core-option-3
Drupal 8: https://www.drupal.org/docs/8/update
---

To know more about this vulnerability, please refer here.

Note: Kindly ignore the mail, if you are not using Drupal application in your domains.

Please contact our Support team if you have any concerns.

Regards,
Akson David.