New RCE vulnerability impacts nearly half of the internet's email servers Exim vulnerability lets attackers run commands as root on remote email servers June 5, 2019 https://www.zdnet.com/article/new-r...s-nearly-half-of-the-internets-email-servers/
Exim email servers are now under attack June 13, 2019 https://www.zdnet.com/article/exim-email-servers-are-now-under-attack/
Millions of Email Servers at Risk from Cryptomining Worm June 14, 2019 https://www.infosecurity-magazine.com/news/millions-email-servers-risk-from-1/ Cybereason: New Pervasive Worm Exploiting Linux Exim Server Vulnerability
Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149) June 14, 2019 https://blogs.technet.microsoft.com...a-linux-worm-by-updating-exim-cve-2019-10149/
The “Return of the WiZard” Vulnerability: Crooks Start Hitting June 24, 2019 https://blog.yoroi.company/research/the-return-of-the-wizard-vulnerability-crooks-start-hitting/
Critical Exim TLS Flaw Lets Attackers Remotely Execute Commands as Root September 6, 2019 https://www.bleepingcomputer.com/ne...-attackers-remotely-execute-commands-as-root/
Exim fails to properly handle peer DN and SNI in TLS handshakes Vulnerability Note VU#672565 September 6, 2019 https://kb.cert.org/vuls/id/672565/
Last Revised: 2019-09-18: Exim fails to properly handle trailing backslashes in string_interpret_escape() Vulnerability Note VU#672565 September 18, 2019 https://kb.cert.org/vuls/id/672565/
New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released September 30, 2019 https://thehackernews.com/2019/09/exim-email-security-vulnerability.html
Exim Vulnerability (CVE-2019-16928): Global Exposure Details and Remediation Advice October 1, 2019 https://blog.rapid7.com/2019/10/01/...obal-exposure-details-and-remediation-advice/
NSA: Russian govt hackers exploiting critical Exim flaw since 2019 May 28, 2020 https://www.bleepingcomputer.com/ne...ers-exploiting-critical-exim-flaw-since-2019/
Critical Exim bugs being patched but many servers still at risk June 2, 2020 https://www.bleepingcomputer.com/ne...being-patched-but-many-servers-still-at-risk/
However, if you are running a version of Exim 4.92 or higher, you should be safe from the exploit, but all prior versions of the software need an immediate fix. The simplest fix for the vulnerability is to update the Exim mail server to the current version of Exim which is 4.93