A serious Drupal security issue

The Drupal security team has sent out a "highly critical"alert: "A remote code execution vulnerability exists withinmultiple subsystems of Drupal 7.x and 8.x. This potentially allowsattackers to exploit multiple attack vectors on a Drupal site, which couldresult in the site being completely compromised." This seems worthavoiding; updating to the current version is the way to do that. There isan FAQ pagewith a little more information.