Allows admins to test the vulnerability of their networks to newly found security issue
London, UK, 12 September 2002 - GFI’s Email Security Testing Zone, www.gfi.com/emailsecuritytest, has launched an email test based on a new vulnerability detailed by Beyond Security Ltd earlier today. Through this test, available for free, administrators can find out whether their network is protected against emails making use of the fragmented message vulnerability.
An email exploit making use of the fragmented message vulnerability can bypass most unpatched content-filtering solutions that claim to protect against viruses and renders most server-level virus scanning solutions useless against it.
"This generic flaw potentially affects all SMTP content filtering software. What's most alarming about this attack is the fact that no special attacking tool is required; any Outlook Express user can use this flaw to bypass a vulnerable content filtering software at a flick of a button," said Aviram Jenik, Beyond Security CEO. For more information about the vulnerability, please see http://www.securiteam.com/securitynews/5YP0A0K8CM.html.
"As virus writers seek increasingly sophisticated methods to disseminate their viruses, email exploits will become a more popular means for doing so, making an email exploit detection engine an essential part of an organisation's email security set-up," said Sandro Gauci, security engineer at GFI. "A case in point is the newly discovered fragmented message email exploit that can circumvent most server-level and some client-level email security systems."
GFI's fragmented message vulnerability test uses the harmless Eicar virus to test whether a network has protection against this type of email exploit. Eicar was developed by the European Institute for Computer Anti-Virus Research as a safe and easy way to test if the user's anti-virus software is working.
Once the test is activated, if it is received as a single email with an attached file that contains Eicar, then the recipient is vulnerable to this kind of attack. The fragmented message has circumvented server level protection as well as the security settings of the email client - meaning that were this virus malicious, the network would have been infected. If the test is received as five emails or not at all, the recipient's email client does not support email defragmentation: The fragmented email containing the virus has not been reconstructed at client level, meaning the user's system is safe from this type of attack. This email attack works with Outlook Express and other clients that support message fragmentation. Microsoft Outlook does not support this feature.
How to run the test
Email users can sign up for this and other tests free of charge by submitting their name and email address at GFI's Email Security Testing Zone, http://www.gfi.com/emailsecuritytest/. They will then receive harmless tests by email, through which they can check if their email system is vulnerable to a number of email threats. The zone also includes tests for threats such as emails containing infected attachments, emails with malformed MIME headers, HTML mails with embedded scripts and email attacks that can circumvent default Outlook 2002 security settings.
About GFI MailSecurityAcerca de GFI
GFI MailSecurity for Exchange/SMTP is an email content checking, exploit detection, threats analysis and anti-virus solution that removes all types of email-borne threats before they can affect your email users. GFI MailSecurity's key features include multiple virus engines, for better protection; email content and attachment checking, to quarantine dangerous emails; an email exploit engine, to perform email intrusion detection and defence; and an email threats engine, to analyse & defuse HTML scripts, .exe files and more. Pricing starts at US$295 for 10 users and includes a year of free anti-virus engine updates. More product information can be found at http://www.gfi.com/mailsecurity.
GFI es un destacado desarrollador de software que proporciona una única fuente para que los administradores de red dirijan sus necesidades en seguridad de red, seguridad de contenido y mensajería. Con una galardonada tecnología, una agresiva estrategia de precios y un fuerte enfoque en las pequeñas y medianas empresas, GFI es capaz de satisfacer la necesidad de continuidad y productividad de los negocios que tienen las organizaciones en una escala global. Fundada en 1992, GFI tiene oficinas en Malta, Londres, Raleigh, Hong Kong y Adelaide que soportan más de 200.000 instalaciones en todo el mundo. GFI es una empresa enfocada a canal con más de 10.000 partners en todo el mundo. GFI es también Microsoft Gold Certified Partner. Se puede encontrar más información sobre GFI en http://www.gfihispana.com.
Todos los nombres de productos y compañías incluidos pueden ser marcas registradas de sus respectivos propietarios.