Exim vulnerabilities

Question

Hi, 
 hope that Sophos knows about the new Exim vulnerabilities and wil release hotfix: 
 https://www.bleepingcomputer.com/news/security/critical-21nails-exim-bugs-expose-millions-of-servers-to-attacks/

LuCar Toni · Answer

This is a Thread for Sophos XG Firewall. Sophos is working on both fixes on both products. Sophos XG Firewall has a hotfix mechanism, which allows to deploy hotfixes on the product without downtime etc. All customers with enabled Hotfixes already got the fix. UTM needs a complete new release, which assuming takes more time compared to a hotfix. 
 As another workaround, Central Email offers a 100 mailbox free trial. Its easy to setup and could be implemented for the customer within minutes. Simply deploy the mailboxes in Central (AD Sync), deploy the MX (switch to Central) and redirect the mails to Central. Forward the mails to UTM and only open the Mail protection of UTM to Central delivery IPs.

FormerMember · Answer

Hi Samuel Heinrich , 
 We'll update the following blog post as the new information becomes available: 
 
 Advisory: Multiple Vulnerabilities (AKA 21Nails) in Exim 
 
 Thanks,

Vishal_R · Answer

Hi Tomas Beran , 
 Thank you for reaching out to the Sophos community team. Our dev team is investigating this under ID NC-72625 .

Exim vulnerabilities

Top Replies