Hi,
hope that Sophos knows about the new Exim vulnerabilities and wil release hotfix:
This thread was automatically locked due to age.
Hi,
hope that Sophos knows about the new Exim vulnerabilities and wil release hotfix:
Hi Tomas Beran,
Thank you for reaching out to the Sophos community team. Our dev team is investigating this under ID NC-72625.
Regards,
Vishal Ranpariya
Technical Account Manager | Sophos Technical Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link.
can we expect that these security holes to are patched by hotfix or would customers have to wait until the next SFOS update? are there any steps to mitigate the vulnerabilities in the meantime manually or at least ways to check if the system is already compromised?
I would like to see a response similar to "Asnarök" from sophos. As it seems that the impact is pretty serious and the exploits are around for more than 2 months
Hi Samuel Heinrich,
We'll update the following blog post as the new information becomes available:
Thanks,
JFYI: The Advisory was updated with the latest information.
__________________________________________________________________________________________________________________
As stated by the advisory post:
Sophos Firewall customers not licensed for email protection, and those using legacy mode (transparent email proxy) for email, are not vulnerable.
__________________________________________________________________________________________________________________