A critical security update for Drupal 7.x was released today, October 15. University IT is conducting unscheduled maintenance for all websites hosted on the Stanford Sites Drupal hosting service to mitigate this vulnerability, and no further actions need to be taken by site owners at this time. More details on what was included in this critical update can be found at https://www.drupal.org/drupal-7.32.
Please note that another, unrelated critical security fix is underway which affects the university's web servers. These updates are ongoing, and websites hosted on the Stanford Sites service and on AFS or other systems may experience temporary instability until the maintenance is completed.
University IT follows security best practices and closely monitors the releases of all core and module updates; critical security updates may be tested and applied immediately, and less urgent bug fixes are tested and applied in scheduled maintenance windows on a regular basis.
If you experience issues with your website hosted on Stanford Sites, please submit a HelpSU request, and we will respond as soon as possible.
Update - October 15, 2014, at 6:07 pm:
University IT completed the update to Drupal 7.32 for the Stanford Sites Drupal hosting service, including all websites on people.stanford.edu and sites.stanford.edu.