The problem affects Exim versions from 4.87 to 4.91 and allows an unauthorized attacker remotely executing arbitrary commands on mail servers with certain (non-factory) configuration settings. Although the vulnerability was fixed in February of this year with the release of Exim 4.92, many servers are still vulnerable.
«MSRC (Microsoft Security Response Center) confirmed presence of an active worm for Linux, which uses the critical remote execution vulnerability CVE-2019-10149 in Linux Exim mail servers with Exim versions from 4.87 to 4.91. The vulnerability does not affect Azure users with Exim 4.92 version installed on virtual machines”, – according to a Microsoft notification.
In order to protect itself against possible cyberattacks, company strongly recommends that users update their operating systems on their Azure virtual machines.
There is a partial mitigation for affected systems that can filter or block network traffic via Network Security Groups (NSGs). The affected systems can mitigate Internet-based ‘wormable’ malware or advanced malware threats that could exploit the vulnerability. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker’s IP Address is permitted through Network Security Groups.
“It is for these reasons that we strongly advise that all affected systems – irrespective of whether NSGs are filtering traffic or not – should be updated as soon as possible”, — insist Microsoft specialists.
About Himalayaview.top Himalayaview.top pop-ups can not launch out of the blue. If you have actually…
About Youdilgad.top Youdilgad.top pop-ups can not expose out of the blue. If you have clicked…
About Alkads.com Alkads.com pop-ups can not launch out of the blue. If you have clicked…
About Bigamirt.xyz Bigamirt.xyz pop-ups can not launch out of nowhere. If you have clicked some…
About Micorban.xyz Micorban.xyz pop-ups can not open out of the blue. If you have actually…
About Msdefender.co.in Msdefender.co.in pop-ups can not expose out of the blue. If you have actually…