FW: URGENT: Drupal Security Exploit / Response Teams

3 views
Skip to first unread message

Marshall, Gregg (ITS)

unread,
Oct 31, 2014, 1:04:16 PM10/31/14
to Drupal User Group - NYS Forum (nys-drupal-users@googlegroups.com), Atkins, Thomas (ITS), Berlin, Dale (ITS), Case, Meredith (ITS), Catalina, Christopher (ITS), Charde, Luke T (ITS), Delsignore-Dyer, Cherlyn (ITS), Dunn, Elizabeth (ITS), Dyer, Keith T (ITS), Fasoldt, Adam Vincent (ITS), Galinski, Melanie (OGS), Geracitano, Ginger (ITS), Gilman, Adam (ITS), Green, Michael (ITS), Greenberg, Benjamin M (ITS), Harrison, Jessica (ITS), Herb, Jeffrey (ITS), Jordan, Courtney (ITS), Juste, Jean (ITS), Kavanagh, James (ITS), Kircher, Dillon (ITS), Lamin, Tamba (ITS), Marshall, Gregg (ITS), McKenna, Brendan (ITS), Miller, Bernie (ITS), Muller, Daniel (HEALTH), Murdock, Lyndsay (ITS), Perrotte, Valerie (ITS), Pratt, Jennifer (ITS), Pratt, Sherry M (ITS), Rieker, Diana (ITS), Semeiks, Pamela (ITS), Steinborn, Eric (ITS), Thayer, Christine (ITS), Tryson, Robert (ITS), VanWormer, Christofer (ITS), Warner, Jennifer L (OGS), Zuker, Leslie (ITS), Kavanagh, James (ITS), Charde, Luke T (ITS)

In case you haven’t gotten this information via another channel, I’m forwarding it to you.

 

If  you have a Drupal 7 site, read this now.

 

Gregg Marshall

IBM Consultant/Contractor, Drupal Development

NYS ITS Web Services

gregg.m...@its.ny.gov

 

From: Charde, Luke T (ITS)
Sent: Thursday, October 30, 2014 3:41 PM
To: Kamya, Moses (ITS); Brennan, Leslie (ITS); Rose, Ray (ITS); McKinney, Kim (ITS); Gigandet, Adam (ITS); Schloth, Art (ITS); Norton, John (ITS); Vasko, Robert (ITS); Pennacchia, Robert (ITS)
Cc: Barbagelata, David (ITS); Thayer, Christine (ITS); Bagul, Kishor (ITS); Kavanagh, James (ITS); Marshall, Gregg (ITS); Case, Meredith (ITS); Zink, Greg (ITS); Snyder, Deborah A (ITS); Bolk, Paul (ITS); Rogler, Scott (ITS); Zink, Greg (ITS); Sheridan, Diane (ITS); Scialdo, William (ITS); Schuchman, Dave (ITS); Luttman, Michael (ITS); Flynn, Bryan (ITS); Dietrich, David (ITS); Currey, Seth (ITS); Gallant, Doug (ITS); Cherry, Raymond (ITS)
Subject: URGENT: Drupal Security Exploit / Response Teams

 

There is currently a Drupal security exploit that needs immediate attention for any ITS or externally hosted Drupal sites.

 

A response team has been formed and is being led by Jim Kavanagh in coordination with Paul Bolk from EISO which will guide the response/mitigation/remediation effort for each affected site.  Please mobilize your teams and proceed with the following tasks. The full response plan will follow.

 

Cluster Management Task

·         Ensure that a Response Coordinator and a Technical Lead is available for each Drupal Site.

 

Response Coordinator Tasks:

·         For any Drupal sites that is supported by your Cluster, Ensure that it is in listed in the tracking spreadsheet with all requested data http://on.ny.gov/1wKxR0z

·         Join, and have all technical support resources join (and subscribe by email) the "Drupal Security Support Channel" http://bit.ly/1tlpwj9 (Yammer)

 

 

--

Luke Charde

Enterprise Architect, Web & Mobile Platforms

Office of the Chief Technology Officer

New York State Office of Information Technology Services

(518) 495-7019 mobile​

 

 

Reply all
Reply to author
Forward
0 new messages