The message today to the millions of users of WordPress and Drupal content management systems: Fire up those security updates.
The web content management system (CMS) providers released security updates this week after an industry expert tipped them off to a potential attack that shuts down websites and servers running on the WordPress or Drupal engine.
Nir Goldshlager, a security researcher from Salesforce.com's product security team, first caught the potential bug.
In a blog post, he wrote that he detected XML Denial of Service in both WordPress and Drupal. This phenomenon, he wrote, is predicated on a well-known cyber attack, known as the XML Quadratic Blowup Attack.