Threat Intelligence: Over 3 Million Mail Servers at Risk from High-Severity EXIM Vulnerability - D1defend D1defend

Threat Intelligence: Over 3 Million Mail Servers at Risk from High-Severity EXIM Vulnerability - D1defend D1defend

x

Blog

Threat Intelligence: Over 3 Million Mail Servers at Risk from High-Severity EXIM Vulnerability

Posted: October 2, 2023

This is an urgent update on a critical situation concerning Exim, the widely used mail transfer agent (MTA). Potentially 3 million mail servers will be impacted by this situation since more than half of all mail servers exposed to the internet are running on Exim according to a recent study by E-Soft Inc.

Here’s the tech 411:

Exim has been discovered to harbor several vulnerabilities, most notably CVE-2023-42115, CVE-2023-42116, and CVE-2023-42117. What does this mean? Well, if these vulnerabilities are exploited, they can grant malicious actors remote code execution capabilities. There’s also growing concerns regarding the speed of Exim’s response to these vulnerabilities, because some patches reportedly taking up to four months to be released.

The good news:

A patch has been released today for these vulnerabilities, with the updated version being exim-4.96.1.

Immediate Actions for MSPs:

  1. Audit and identify any Exim installations within your and your clients’ networks.
  2. Apply the exim-4.96.1 patch immediately to mitigate the known vulnerabilities.

We’re here to help and collaborate during this crucial phase. Reach out for any support or clarifications.

Contact Us Today!

Schedule a Call