Hi Guys,
This is something that need immediate attention if your Exim version is between 4.70 and 4.80. Addressing a CRITICAL remote code execution flaw in versions of Exim between 4.70 and 4.80 inclusive, when built with DKIM support (the default).
You are not vulnerable if you built Exim with DISABLE_DKIM or if you
put this at the start of an ACL plumbed into acl_smtp_connect or
acl_smtp_rcpt:
warn control = dkim_disable_verify
cPanel is using Exim as the MTA and they recently addressed this vulnerability and you can find the details here >>
http://cpanel.net/exim-remote-code-execution-vulnerability-notification-cve-2012-5671/If you are using cpanel, we request you to update the cPanel to the latest version, which will have exim-4.80-3 that is not vulnerable. If you are using a custom Linux Box with Exim, please do a manual upgrade as soon as possible.