Exim mail servers left open to zero-day attacks for over a year

A critical vulnerability in Exim’s mail transfer agent (MTA) software has remained unpatched for over a year, opening servers to potential attacks, warns Trend Micro’s Zero Day Initiative. The flaw in the world’s most popular MTA software, detected by an anonymous researcher and used by over 56% of internet-connected mail servers, can crash software, corrupt data and execute malicious code. Exim was informed about the flaw twice but failed to address it. Russian hackers have previously exploited similar vulnerabilities in Exim.