A newly patched SmarterMail flaws is being exploited in the wild, allowing attackers to reset admin passwords and gain SYSTEM-level code execution.