Skip to main content
MSRC

Update

Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)

Thursday, June 13, 2019

This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution (RCE) vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS instances running a vulnerable version of Exim are affected.