Texas Creative's Action Plan for Drupal Core PSA-2018-001
There will be a security release of Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28th, 2018 between 1:00 pm to 12:30pm CST, that will fix a highly critical security vulnerability. (See Full PSA)
Texas Creative clients who have Drupal 7 or Drupal 8 sites and are covered under our CMS Security Maintenance plans will have their sites patched by the Texas Creative web development team immediately following the announcement. Texas Creative has moved our regular monthly CMS update window to this time to accommodate this highly critical security vulnerability. We expect all Drupal sites to be fully patched within 1-4 hours of the announcement depending on what the specific vulnerability is and how smoothly the update process goes.
Security is a high priority so all of the Texas Creative hosted sites are on servers which use a multi-layered approach to security involving very strict limitations on code execution, access restricted firewalls, and other tools to greatly reduce attack vectors and reduce the impact of any malicious code that was to find its way onto a server.
Clients who have questions should reach out to their Account Managers, who will loop in a developer, if needed, to answer specific technical inquiries.
UPDATE: 3-28-2018 at 4:10pm CST - We’ve completed all core Drupal 7 and Drupal 8.