Mail Protection: SMTP, POP3, Antispam and Antivirus Efail - vulnerabilities in OpenPGP and S/MIME

UTM Firewall requires membership for participation - click to join

Thread Info

Locked Locked
Replies 4 replies
Subscribers 4 subscribers
Views 4479 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Efail - vulnerabilities in OpenPGP and S/MIME

Alexander Busch over 6 years ago

Maybe UTM related. It’s in the news at this moment. At the moment I think only client software is affected.

Best

Alex

This thread was automatically locked due to age.

Parents

EdmundSackbauer over 6 years ago

Today more details were disclosed.

The attacker needs to modify the message on the transport to the email client, and inject some HTML tags/headers.

Hopefully this can be found with signatures, or UTMs own encryption engine can just ignore those tags.
Cancel
Vote Up 0 Vote Down

Cancel
ThorstenSult over 6 years ago in reply to EdmundSackbauer

I would like to know how the UTM Email Encryption reacts to added image-tags!
Cancel
Vote Up 0 Vote Down

Cancel
Alexander Busch over 6 years ago in reply to ThorstenSult
Yes, that's my question too. I'm afraid there's as much information as there is on the Meltdown and Spectre problem. It is today, about 4 months later:

Products under investigation

...

Sophos UTM (SG series) 9.5

...

see https://community.sophos.com/kb/en-us/128053

This makes me a little disappointed.

Best regards
Alex
-
Cancel
Vote Up 0 Vote Down

Cancel
EdmundSackbauer over 6 years ago in reply to Alexander Busch

Spectre/Meltdown is a complete mess, thats Intels fault, not Sophos.

I dont want to patch firmware every month.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

EdmundSackbauer over 6 years ago in reply to Alexander Busch

Spectre/Meltdown is a complete mess, thats Intels fault, not Sophos.

I dont want to patch firmware every month.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data