GFI's E-mail Security Testing Zone (www.gfi.com/emailsecuritytest) has launched an e-mail test based on a new vulnerability detailed by Beyond Security Ltd. Through this free test, administrators can find out whether their network is protected against e-mails that make use of the fragmented message vulnerability.

An e-mail exploit that makes use of the fragmented message vulnerability can bypass most unpatched content-filtering solutions that claim to protect against viruses, and it renders most server-level virus scanning solutions useless against it.

"This generic flaw potentially affects all SMTP content filtering software. What's most alarming about this attack is the fact that no special attacking tool is required; any Outlook Express user can use this flaw to bypass a vulnerable content filtering software at a flick of a button," said Aviram Jenik, Beyond Security CEO. For more information about the vulnerability, visit www.securiteam.com/securitynews/5YP0A0K8CM.html.

"As virus writers seek increasingly sophisticated methods to disseminate their viruses, e-mail exploits will become a more popular means for doing so, making an e-mail exploit detection engine an essential part of an organisation's email security set-up," said Sandro Gauci, security engineer at GFI. "A case in point is the newly discovered fragmented message e-mail exploit that can circumvent most server-level and some client-level e-mail security systems."

GFI's fragmented message vulnerability test uses the harmless Eicar virus to test whether a network has protection against this type of e-mail exploit. Eicar was developed by the European Institute for Computer Anti-Virus Research as a safe and easy way to test if the user's anti-virus software is working.

Once the test is activated, if it is received as a single e-mail with an attached file that contains Eicar, then the recipient is vulnerable to this kind of attack. The fragmented message has circumvented server level protection as well as the security settings of the e-mail client - meaning that were this virus malicious, the network would have been infected.

If the test is received as five e-mails or not at all, the recipient's e-mail client does not support e-mail defragmentation: the fragmented e-mail containing the virus has not been reconstructed at client level, meaning the user's system is safe from this type of attack. This e-mail attack works with Outlook Express and other clients that support message fragmentation. Microsoft Outlook does not support this feature.
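The following is an added example, not GFI's or Beyond Security's code: a gateway-side check in Python that holds RFC 2046 `message/partial` fragments until the set is complete and scans the reassembled text, because a scanner that inspects each fragment alone never sees the whole attachment. The marker string, `scan`, `FragmentGate`, `make_fragment` and the sample addresses are constructed for illustration.

```python
from collections import defaultdict
from email.parser import HeaderParser

MARKER = "CONSTRUCTED-TEST-MARKER"  # stand-in for a scanner signature (assumption)

def scan(text):
    """Hypothetical content scanner: True if the marker is present."""
    return MARKER in text

def _num(value):
    """Parse a fragment counter; None if missing or not a plain ASCII integer."""
    return int(value) if isinstance(value, str) and value.isascii() and value.isdigit() else None

class FragmentGate:
    """Hold message/partial fragments until the set is complete, then scan the whole."""
    def __init__(self):
        self.parts = defaultdict(dict)   # fragment id -> {number: raw body}
        self.totals = {}                 # fragment id -> declared total

    def check(self, raw):
        """Return 'clean', 'blocked' or 'held' for one incoming raw message."""
        msg = HeaderParser().parsestr(raw)   # headers only; body stays raw text
        if msg.get_content_type() != "message/partial":
            return "blocked" if scan(raw) else "clean"
        frag_id = msg.get_param("id")
        number, total = _num(msg.get_param("number")), _num(msg.get_param("total"))
        if not isinstance(frag_id, str) or number is None:
            return "blocked"                 # malformed fragment: fail closed
        self.parts[frag_id][number] = msg.get_payload()
        if total is not None:                # RFC 2046 requires total only on the last part
            self.totals[frag_id] = total
        total = self.totals.get(frag_id)
        got = self.parts[frag_id]
        if total is None or set(got) != set(range(1, total + 1)):
            return "held"                    # incomplete set: do not deliver yet
        whole = "".join(got[n] for n in range(1, total + 1))
        del self.parts[frag_id], self.totals[frag_id]
        return "blocked" if scan(whole) else "clean"

def make_fragment(number, total, body):
    """Build a constructed sample fragment (addresses and id are made up)."""
    return ("From: a@example.com\nTo: b@example.com\n"
            f'Content-Type: message/partial; id="x1@example.com"; number={number}; '
            f"total={total}\n\n{body}")
```

A production gateway would also expire held fragments and cap how many it stores per sender.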

E-mail users can sign up for this and other tests free of charge by submitting their name and e-mail address to GFI's E-mail Security Testing Zone, www.gfi.com/emailsecuritytest/. They will then receive harmless tests by e-mail, through which they can check if their e-mail system is vulnerable to a number of e-mail threats.

The zone also includes tests for threats such as e-mails containing infected attachments, e-mails with malformed MIME headers, HTML mails with embedded scripts and e-mail attacks that can circumvent default Outlook 2002 security settings.

GFI MailSecurity for Exchange/SMTP is an e-mail content checking, exploit detection, threat analysis and anti-virus solution that removes all types of e-mail-borne threats before they can affect your e-mail users.
