{"id":2008,"date":"2014-04-01T16:00:34","date_gmt":"2014-04-01T22:00:34","guid":{"rendered":"http:\/\/www.whitefirdesign.com\/blog\/?p=2008"},"modified":"2014-04-01T16:00:34","modified_gmt":"2014-04-01T22:00:34","slug":"another-major-university-is-running-outdated-and-insecure-version-of-drupal","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2014\/04\/01\/another-major-university-is-running-outdated-and-insecure-version-of-drupal\/","title":{"rendered":"Another Major University is Running Outdated and Insecure Version of Drupal"},"content":{"rendered":"<p>Last week we spotlighted the fact that <a title=\"Only One-Third of Drupal 7 Websites Are Up-To-Date\" href=\"http:\/\/www.whitefirdesign.com\/blog\/2014\/03\/27\/only-one-third-of-drupal-7-websites-are-up-to-date\/\">only a third of websites running Drupal 7 are up to date<\/a>. As keeping the software running a website up to date being an <a href=\"http:\/\/www.whitefirdesign.com\/resources\/secure-your-website-from-hackers.html\">important security measure<\/a> and with the <a href=\"https:\/\/drupal.org\/drupal-7.26\">most recent version<\/a> of Drupal 7 being a security update that obviously is a problem (though certainly not a problem limited to Drupal). What makes this more troubling is that it isn&#8217;t just small websites that are not keeping their software up to date, but large institutions that are more than capable of doing the upgrades. In gets worse when you see institutions that have departments focused on the technology security that are failing to keep their software up to date. Last month we looked at the fact that the <a title=\"Kaspersky Lab and Cambridge University Websites Highlight The Poor State of Security\" href=\"http:\/\/www.whitefirdesign.com\/blog\/2014\/03\/12\/kaspersky-lab-and-cambridge-university-websites-highlight-the-poor-state-of-security\/\">University of Cambridge was running an outdated version of Drupal, while the blog of their Security Group was running on a very out of date version of WordPress<\/a>. They unfortunately are not alone.<\/p>\n<p>Using our <a href=\"http:\/\/www.whitefirdesign.com\/drupal-version-check\">Drupal Version Check web browser extension<\/a>, available for <a href=\"https:\/\/addons.mozilla.org\/firefox\/addon\/drupal-version-check\/\">Firefox<\/a> and <a href=\"https:\/\/chrome.google.com\/webstore\/detail\/drupal-version-check\/cfgkoondhklepebjanihdiedjmibieii\">Chrome<\/a>, we can see that the Rutgers University website is still running Drupal 7.21:<\/p>\n<p><a href=\"http:\/\/www.whitefirdesign.com\/drupal-version-check\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-2009\" alt=\"The Rutgers University Website is Running Drupal Version 7.21\" src=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2014\/04\/rutgers-drupal-version.png\" width=\"500\" height=\"150\" srcset=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2014\/04\/rutgers-drupal-version.png 500w, https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2014\/04\/rutgers-drupal-version-300x90.png 300w\" sizes=\"auto, (max-width: 500px) 85vw, 500px\" \/><\/a>That version is now a year out of date and two security updates have been missed (<a href=\"https:\/\/drupal.org\/drupal-7.24-release-notes\">7.24 <\/a>and <a href=\"https:\/\/drupal.org\/drupal-7.26-release-notes\">7.26<\/a>). Making sure the website is kept up to date is something that you would hope that Rutger&#8217;s <a href=\"https:\/\/rusecure.rutgers.edu\/\">University Information Protection and Security Division<\/a> would be on top of, but they are not even keeping their website up to date:<\/p>\n<p><a href=\"http:\/\/www.whitefirdesign.com\/drupal-version-check\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-2010\" alt=\"The RU Secure Website is Running Drupal Version 6.29\" src=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2014\/04\/ru-secure-drupal-version.png\" width=\"500\" height=\"150\" srcset=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2014\/04\/ru-secure-drupal-version.png 500w, https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2014\/04\/ru-secure-drupal-version-300x90.png 300w\" sizes=\"auto, (max-width: 500px) 85vw, 500px\" \/><\/a>That website is less out of date than the main Rutgers website as the current version of Drupal 6, <a href=\"https:\/\/drupal.org\/drupal-6.30-release-notes\">6.30<\/a>, was released in January, but it was a security update so they should have gotten it upgraded by now.<\/p>\n<p>For those reading this and realizing they need to get their Drupal installation up to date, you can find the upgrade instructions <a href=\"https:\/\/drupal.org\/upgrade\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Last week we spotlighted the fact that only a third of websites running Drupal 7 are up to date. As keeping the software running a website up to date being an important security measure and with the most recent version of Drupal 7 being a security update that obviously is a problem (though certainly not &hellip; <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2014\/04\/01\/another-major-university-is-running-outdated-and-insecure-version-of-drupal\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Another Major University is Running Outdated and Insecure Version of Drupal&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,18,35],"tags":[],"class_list":["post-2008","post","type-post","status-publish","format-standard","hentry","category-bad-security","category-drupal","category-outdated-web-software"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=2008"}],"version-history":[{"count":2,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2008\/revisions"}],"predecessor-version":[{"id":2012,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2008\/revisions\/2012"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=2008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=2008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=2008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}