On May 14th, details of a set of vulnerabilities in the OpenPGP (Pretty Good Privacy) and S/MIME email encryption standards, known as EFAIL, were released. The EFAIL attacks exploit weaknesses in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails.
What is PGP and S/MIME encryption?
Both technologies add an additional layer of security to your email communication. If used properly, both should guarantee the confidentiality and authenticity of your email messages even if an attacker has full access to your email account. The EFAIL attacks break this additional encryption layer.
How is Redtail responding to this?
Redtail's DevOps team and Zimbra's security team have reviewed and analyzed the data presented in the researchers' findings and have determined that our current email platform's S/MIME solutions are not affected. Redtail Email renders HTML content directly and has mechanisms in place that block the attack patterns described. Redtail, along with Zimbra, will continue to monitor the situation around EFAIL. Zimbra will also continue to investigate and invest in additional barriers against these types of attacks.
What should Redtail Email Users do in the meantime?
- If you are using Redtail's optional S/MIME Java applet solution or server-side solution, you don’t have to do anything.
- If you are using a third party mail client such as Outlook, Thunderbird, etc., then please check the FAQ section of the EFAIL report page (https://efail.de/#faq) to see if your client is affected.
- If your client is affected, we recommend you follow the authors’ recommendations from the Mitigations section of this page that we’ve copied & pasted below:
Here are some strategies to prevent EFAIL attacks:
Short term: No decryption in email client. The best way to prevent EFAIL attacks is to only decrypt S/MIME or PGP emails in a separate application outside of your email client. Start by removing your S/MIME and PGP private keys from your email client, then decrypt incoming encrypted emails by copy & pasting the ciphertext into a separate application that does the decryption for you. That way, the email clients cannot open exfiltration channels. This is currently the safest option with the downside that the process gets more involved.
Short term: Disable HTML rendering. The EFAIL attacks abuse active content, mostly in the form of HTML images, styles, etc. Disabling the presentation of incoming HTML emails in your email client will close the most prominent way of attacking EFAIL. Note that there are other possible backchannels in email clients which are not related to HTML but these are more difficult to exploit.
Medium term: Patching. Some vendors will publish patches that either fix the EFAIL vulnerabilities or make them much harder to exploit.
Long term: Update OpenPGP and S/MIME standards. The EFAIL attacks exploit flaws and undefined behavior in the MIME, S/MIME, and OpenPGP standards. Therefore, the standards need to be updated, which will take some time.
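The "disable HTML rendering" advice above can also be enforced by the client before it displays a message. The following is an added example (not code from Redtail, Zimbra or the EFAIL authors): it parses a MIME message, notes whether it carries an S/MIME or OpenPGP encrypted part, and scans every text/html part for the remote references (images, stylesheets, CSS url()) that would act as an exfiltration backchannel, falling back to plain text if any are found. The sample message and the example.invalid host are constructed for the demonstration.

```python
import re
from email import message_from_string
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from html.parser import HTMLParser
# Content types that carry an S/MIME or OpenPGP encrypted body.
ENCRYPTED_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime", "multipart/encrypted"}
# Tag/attribute pairs that make the client fetch from the network when rendered (the backchannel).
REMOTE_ATTRS = {("img", "src"), ("link", "href"), ("iframe", "src"), ("script", "src")}
REMOTE_URL = re.compile(r"^\s*(https?:|//)", re.I)
CSS_URL = re.compile(r"url\(\s*['\"]?\s*(https?:|//)", re.I)

class RemoteRefFinder(HTMLParser):  # collects remote references in the HTML fed to it
    def __init__(self):
        super().__init__()
        self.refs, self._in_style = [], False

    def handle_starttag(self, tag, attrs):
        self._in_style = tag == "style"
        for name, value in attrs:
            if value and (tag, name) in REMOTE_ATTRS and REMOTE_URL.match(value):
                self.refs.append(f"<{tag} {name}>")
            elif value and name == "style" and CSS_URL.search(value):
                self.refs.append(f"<{tag} style=url()>")

    def handle_endtag(self, tag):
        self._in_style = self._in_style and tag != "style"

    def handle_data(self, data):
        if self._in_style and CSS_URL.search(data):
            self.refs.append("<style> url()")

def assess_message(raw):  # decide, before rendering, whether HTML parts may be shown as HTML
    msg = message_from_string(raw)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            finder.feed(part.get_payload(decode=True).decode(charset, "replace"))
    encrypted = any(p.get_content_type() in ENCRYPTED_TYPES for p in msg.walk())
    # Any backchannel means: show plain text only (the "disable HTML rendering" mitigation above).
    return {"encrypted": encrypted, "remote_refs": finder.refs, "render_html": not finder.refs}

def constructed_sample():  # constructed test input: an HTML part with beacons beside an S/MIME part
    msg = MIMEMultipart("mixed")
    msg.attach(MIMEText('<style>body{background:url(https://mail.example.invalid/x.png)}</style>'
                        '<img src="https://mail.example.invalid/t.gif">Hi', "html"))
    msg.attach(MIMEApplication(b"PLACEHOLDER-NOT-REAL-CIPHERTEXT", "pkcs7-mime", smime_type="enveloped-data"))
    return msg.as_string()
```

For the constructed sample the result is `render_html: False` with both the stylesheet `url()` and the image reported, so the client would show the message as plain text instead.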
The full technical paper on EFAIL can be found here.
CVEs for EFAIL: