This Security Advisory was delivered as a service by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.

Security Advisory

Drupal Session Fixation Vulnerability

Info:

A vulnerability has been reported in Drupal, which can be exploited to conduct session fixation attacks.

Solution:

Update to version 5.20 or apply patch:

http://drupal.org/files/sa-core-2009-008/SA-CORE-2009-008-5.19.patch

An one-click update is available to Hanzo Host customers within your account. Please update your install as soon as possible via your cPanel:

1.) log in to cPanel
2.) scroll down the page to
Software / Services > Installatron Applications Installer

3.) Available updates are highlighted
4.) Click on the options you wish to update

If you have any questions please contact Support by raising a ticket via the Customer Portal

Many thanks!