The Drupal 7.32 release of the latest version of the CMS system was released on 15 October 2014. Vulnerability allows attackers to attack a Drupal 7 installation with a simple simple SQL injection attack. The vulnerability existed within Drupals own protection against SQL injection. At the time the advisory was issued there were roughly 1 billion websites on the internet, so at least 12 million sites needed patching. The warning is a follow-up to an advisory (DRUPAL-SA-CORE-2014-005 – Drupal core – SQL injection)”]