Following up on the Drupageddon, I noticed something weird on one of my servers. While patching sites to Drupal 7.32, I noted that on some of the sites database.inc was already updated with todays date! I was sure nobody made the change so I went into investigating this more.

I made a diffcheck via git and discovered there was additional file on my server!

Yesterday Drupal security team announced highly critical bug at https://www.drupal.org/SA-CORE-2014-005. Looking at the actual patch which is simply: