The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Critical flaw found in email encryption tools

2018-05-15 10:09 by

 

European researchers have found that the popular PGP and S/MIME email encryption standards are vulnerable to being hacked and they urge users to disable and uninstall them immediately.

The weakness could allow a hacker to expose plaintext versions of encrypted messages—a nightmare scenario for users who rely on encrypted email to protect their privacy, security, and safety.

The researchers dubbed the flaw "EFail," and say it affects over a dozen email clients, such as Apple Mail, Microsoft's Outlook, and Thunderbird, which either support a plugin tool or use a native standard for their encryption.

If an encrypted email using those clients is intercepted in transit, an attacker could use the new vulnerability to modify the email, adding malicious HTML code before sending it to the target. When the target opens the new email, the malicious code could be used to send back the plaintext of the email.

For PGP users, the researchers created a page with more information on how you can protect yourself from the EFail threat. They warn that the flaw won't be fully fixed until the IT community updates the PGP and S/MIME standards.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About