I think that I will start this Diary with the following statement: If you use an open source CMS, and you do not update it frequently, there is a very high chance that your website if not only compromised but also part of a botnet.
"You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement"
Source : InfoSec Handlers Diary Blog - The Wonderful World of CMS strikes again
