A critical remote code execution flaw affects over half of the Internet’s email servers. The bug is a vulnerability in Exim, a mail transfer agent that relays emails from senders to recipients. A Taiwanese security researcher named Meh Chang discovered that Exim mishandles BDAT commands, which leads to CVE-2017-16943. Over 400,000 Exim servers may be affected by the bug, according to another security researcher. A fix for the bug has not yet been confirmed, but a tentative patch exists.
Source: https://www.bleepingcomputer.com/news/security/no-patch-available-for-rce-bug-affecting-half-of-the-internets-email-servers/