The problem affects Exim versions from 4.87 to 4.91 and allows an unauthorized attacker remotely executing arbitrary commands on mail servers with certain (non-factory) configuration settings. Although the vulnerability was fixed in February of this year with the release of Exim 4.92, many servers are still vulnerable.
«MSRC (Microsoft Security Response Center) confirmed presence of an active worm for Linux, which uses the critical remote execution vulnerability CVE-2019-10149 in Linux Exim mail servers with Exim versions from 4.87 to 4.91. The vulnerability does not affect Azure users with Exim 4.92 version installed on virtual machines”, – according to a Microsoft notification.
In order to protect itself against possible cyberattacks, company strongly recommends that users update their operating systems on their Azure virtual machines.
There is a partial mitigation for affected systems that can filter or block network traffic via Network Security Groups (NSGs). The affected systems can mitigate Internet-based ‘wormable’ malware or advanced malware threats that could exploit the vulnerability. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker’s IP Address is permitted through Network Security Groups.
“It is for these reasons that we strongly advise that all affected systems – irrespective of whether NSGs are filtering traffic or not – should be updated as soon as possible”, — insist Microsoft specialists.
About News-bpudepi.today News-bpudepi.today pop-ups can not launch out of the blue. If you have actually…
About Doguhtam.xyz Doguhtam.xyz pop-ups can not expose out of nowhere. If you have clicked some…
About News-xlixoti.com News-xlixoti.com pop-ups can not introduce out of nowhere. If you have actually clicked…
About Ducesousightion.com Ducesousightion.com pop-ups can not introduce out of the blue. If you have actually…
About News-xlabica.live News-xlabica.live pop-ups can not launch out of the blue. If you have actually…
About Mergechain.co.in Mergechain.co.in pop-ups can not expose out of the blue. If you have clicked…