'You're updated!' Drupal says, with fingers crossed behind back


Drupal installations could be out of date and open to attack thanks to a borked update process that flags unpatched platforms as current.

The popular content management system is used by more than a million sites making it a significant target for hackers.

IOActive research man Fernando Arnaboldi says sites are now at risk of attack because Drupal 7 and 8 platforms are being marked as up-to-date, even if the automated patching process fails due to dead internet links.