If you are a paying CloudFlare customer using Drupal please make sure you have the WAF ruleset for Drupal enabled (https://blog.cloudflare.com/automatic-protection-for-common-...) as we rolled out automatic protection against this when it was announced.
In addition, if you use Acquia, Pantheon, Platform.sh, or some other hosting providers that directly support Drupal, they may have already at least partially mitigated the attack. But you should still immediately update your code either by upgrade to Drupal 7.32 or by applying the one line patch mentioned elsewhere.
Note that Drupal 6 is not affected (it didn't use PDO, so this parameter parsing functionality doesn't exist).
Note that Drupal 6 is not affected (it didn't use PDO, so this parameter parsing functionality doesn't exist).