Can you spell WannaCry? Or NotPetya? Or EternalBlue? Millions of Exim Mail Servers Exposed to Local, Remote Attacks.
The patch wasn’t identified as a security issue at the time, but that knowledge has come to light. Even so, February was a long time ago as the hacker world moves.
According to a quick Shodan search, vulnerable versions of Exim are currently running on roughly over 4,800,000 machines, with more than 588,000 servers already running the patched Exim 4.92 release.
Nearly 600,000 servers have been updated. Explain to me again why you can’t update; I was laughing uncontrollably the last time you spoke.
At this point in time, if you have a system exposed to the internet and you are not patching in a timely fashion:
- No one, and I mean no one, is going to have sympathy for you when you get hacked, and hit with ransomware, or cryptominers.
- When you get hacked (and you will get hacked) management (that is Mahogany Row) should be tossed out on the street for “failure to manage.”
- You can’t say “critical system” and “no resources to update” in the same breath (look up the definition of “critical”).
Why am I not in Information Technology anymore? Because I no longer want to argue with people about why they really and truly need to update systems in a timely fashion. Even if that costs time and money. Even if they haven’t done it that way in the past. Now I just sit back and shake my head at the insanity.
The people behind the 400,000+ vulnerable servers… They have a week or so to patch before the zero-day is exploited and they are in the same position as Baltimore, or the UK’s NHS, or pick your favorite poster child for the lack of security. Some of them will update, most of them won’t, and then they will cry, like Baltimore, about how this is so unexpected.