image credit: pixabay
The timing of the agency’s advisory Thursday was unusual considering that the critical vulnerability in the Exim Mail Transfer Agent — which mostly runs on Unix-type operating systems — was identified 11 months ago, when a patch was issued.
Exim is so widely used — though far less known than such commercial alternatives as Microsoft’s proprietary Exchange — that some companies and government agencies that run it may still not have patched the vulnerability, said Jake Williams, president of Rendition Infosec and a former U.S. government hacker.
Comments are closed.
