CyberNews Briefs

Critical Remote Code Execution Vulnerability Patched in Exim Email Server

Exim recently patched a critical vulnerability that could enable threat actors to execute arbitrary code on servers running certain versions of the software. The flaw, tracked as CVE-2019-16928, put numerous systems at risk because Exim is used by 57% of all email servers worldwide. Exim versions 4.92, 4.92.1 and 4.92.2 are all vulnerable, so users are urged to update their servers to Exim 4.92.3.

Last month, Exim patched another flaw that could enable attackers to run malicious code on impacted servers with administrative (root) privileges. That vulnerability affected servers running Exim version 4.92.1 or an older version. It was also revealed last month that a new ransomware strain dubbed Lilocked or Lilu was targeting servers running outdated instances of Exim.

OODA Analyst