Comment 2TWN Re: Dominant stack

Story

Recently discovered bug means most or all Drupal sites have been compromised

Preview

Dominant stack (Score: 0)

by Anonymous Coward on 2014-11-03 08:15 (#2TWA)

I cringe to think what it would be like if this was a piece of a dominant stack like Microsoft or SAP

Re: Dominant stack (Score: 1)

by zafiro17@pipedot.org on 2014-11-03 11:24 (#2TWC)

Drupal is pretty darned dominant though, in the web content world, anyway. I know Wordpress is probably the biggest one out there but Drupal is probably second I'd think, or not far away from the top, anyway. But on /. and elsewhere, wherever a Drupal thread comes up there's an instant reaction from people who have programmed for it, and they complain it's a hairball of spaghetti code. Maybe this was a train wreck in the making and anybody who knew the code knew sooner or later it would happen.

Still, how would you like to be the person responsible for writing a security announcement that goes, "unless you've patched recently, you have probably already been compromised?" That's got to be pretty uncomfortable.

Re: Dominant stack (Score: 1)

by zafiro17@pipedot.org on 2014-11-03 11:25 (#2TWD)

Oh, and before Microsoft pats itself on the back, there's a vuln going around now that uses freaking Powerpoint as a vector, so Microsoft isn't free and clear yet either:

http://www.theregister.co.uk/2014/10/22/powerpoint_attacks_exploit_ms_0day/

Powerpoint, fer Chrissake. How long have we been dealing with this? Adobe, same thing. So tired of updating Adobe products.

Junk Status

Not marked as junk