EFAIL is a critical email security flaw that breaks Outlook encryption

Costea Lestoc By: Costea Lestoc
2 minute read

Home » News » EFAIL is a critical email security flaw that breaks Outlook encryption

Security researchers are sending a warning to the whole world regarding a critical flaw in the OpenPGP and S/MIME email encryption tools. The vulnerability is codenamed EFAIL, and it allows attackers to extract the plaintext content from all your sent/received messages.

The fact that this flaw renders email encryption useless is very disturbing. Unfortunately, the EFF confirmed there are currently no reliable fixes or patches to solve the problem.

Until enough clients are reliably patched, sending PGP-encrypted messages can create adverse ecosystem incentives for others to decrypt them. Balancing the risks of continuing to use it can be tricky and depends on your situation and that of your contacts.

Users are advised to disable mail encryption plugins

Until further notice, users have been advised to disable email encryption plugins in order to avoid attackers from recovering past encrypted emails after the paper gets published.

These steps are intended as a temporary, conservative stopgap until the immediate risk of the exploit has passed and been mitigated against by the wider community.

For more information on how to disable email encryption on Outlook, you can check out EFF’s guide.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


The current state of the situation

Some researchers started to disclose more details about the flaw ahead of schedule, and as a result, the efail.de website is live and the research paper as well. Both present in-depth details on the EFAIL flaw. The vulnerability was already confirmed to affect email plugins for supporting encryption operations.

RELATED STORIES TO CHECK OUT:

Discussions

Next up

Vampire: The Masquerade Bloodlines 2 won’t get 3rd person play

Alexandru Voiculescu avatar. By: Alexandru Voiculescu
2 minute read

Developers Hardsuit Labs and Paradox Interactive announced on the official Vampire: The Masquerade – Bloodlines 2 Twitter account that the game will be first person […]

Continue Reading

Microsoft Paint gets full keyboard input support this month

Zille Huma avatar. By: Zille Huma
2 minute read

Last year, Microsoft informed MS Paint users that their favorite app from childhood would no longer be available on Windows 10. Microsoft was really determined […]

Continue Reading

Windows 10 Task Manager now displays HDDs and SSDs separately

Zille Huma avatar. By: Zille Huma
2 minute read

Microsoft rolled out new Task Manager improvements to Windows Insiders. If you’re already running the Windows 10 20H1 builds, you can already try out the […]

Continue Reading