Drupal security update PSA-2019-02-19: Exove clients safe and sound
On Tuesday Drupal announced that there would be a critical security release coming up late in the evening on Wednesday, February 20th. This release was rated as highly critical with severe implications and we didn’t know which of our clients’ Drupal sites would be affected and how.
When the release was published, we immediately acted on the information available and assessed the situation. A group of our hardcore developers had pledged to work overtime and help out.
After intense investigation by the fast response team to get to the bottom of the issue, all Exove Drupal installations were checked for the vulnerability within an hour.
Luckily the investigation concluded that most of the services were not affected by the vulnerability. The only vulnerable service was quickly fixed by the fantastic Nikolay Mihaylov with the help of Kalle Kipinä and Ilari Stenroth.
Only a couple of hours later, the first automated attack attempts were discovered. Our clients were safe and sound.
Your security in mind, now and tomorrow,