We continuously monitor the status of the 1&1 Web Hosting services. If there are any interruptions in service, a note will be posted here. If you experience problems accessing your 1&1 Web Hosting services which are not listed here, please contact us. For contact channels please click here.
A new security vulnerability has been identified affecting Drupal versions prior to 6.34 and 7.34. If you are currently running a Drupal installation that is not 6.34 or higher, or 7.34 or higher, your installation is vulnerable to attacks that may be used to gain access to a user’s session or leverage a password hashing API to completely exhaust the CPU and memory resources of your site, causing it to load slowly or not at all. This security vulnerability has been named SA-CORE-2014-006.
More information regarding the vulnerability is available from Drupal's website: https://www.drupal.org/SA-CORE-2014-006
If you have installed Drupal in Safe Mode using the 1&1 App Center, no action is necessary on your part. The security patch is currently being applied by 1&1.
If you have installed Drupal manually, or in Free Mode using the 1&1 App Center, please check your current installation and update to the latest version – 6.34 or 7.34 . To find instructions on how to update Drupal to the latest version, please reference the Drupal page provided below: http://www.drupal.org/upgrade