Mitigation of DRUPAL-SA-PSA-2016-004
Incident Report for
The Drupal Security Team just announced a new highly critical security announcement (23/25 points) for the 3rd Party Library PHPmailer:
There is no Contrib or Core Module of Drupal directly affected, but multiple Contrib Modules of Drupal download the 3rd Party Library PHPmailer in order to send emails. Every website that uses PHPmailer is encouraged to update to the a newer version of PHPmailer then 5.2.18 (current available version is 5.2.19).

As cannot mitigate this issue from an infrastructure level, we informed all our clients which have PHPmailer 5.2.18 or earlier installed to update their codebase and with that fix their issue.
If you did not receive such an information, our scripts did not find your website affected and there is probably nothing to do as of right now (even though strongly suggests to keep all websites up to date at any time).
Posted over 1 year ago. Dec 27, 2016 - 03:24 CET
This incident affected: General (API, Deployment Infrastructure, Nameservers, dev1.compact), USA (us2.compact), United Kingdom (uk1.compact), Switzerland (zh1.cluster, zh1.single, zh2.single, zh1.compact), South Africa (sa1.compact), and on-premise servers.