A test of the 'Email Security Testing Zone'


1) GFI's Access exploit vulnerability test E-Mail
(I passed this one without a problem)

GFI's Access exploit vulnerability test has just been performed on your computer. Opening this mail automatically activates the test.

* If you can see gfi-test.txt

If the text file gfi-test.txt appears on your desktop, then you are vulnerable to this exploit.

Embedded VBA code within an Access database file (.mdb) that in turn lies within an Outlook Express email file can circumvent security measures in certain circumstances. Vulnerabilities within Internet Explorer and Outlook allow such content to be executed automatically.

The text file demonstrates this: It has read vital information about your system, showing you that, in fact, it could have done anything it wanted on your system had it contained harmful code.

* If you cannot see gfi-test.txt

If you are cannot see the file, this means you have effective client-based email security. Note that, for your network to be secure, every machine on your network must have such client-based protection installed, including your servers. Server levelsecurity is recommended as additional protection.



2) CLSID extension vulnerability test E-Mail
(As the attached file didn't open after clicking on it, I presume I passed this one also. As a double-check, I opened it with ACDSee and nothing happened)



Your mail server has just accepted and sent you an email containing an attachment with a hidden CLSID extension! This means it is relying on desktop level security to protect you. You should now try to run the attachment.

* If you can run this file

If you can run this file, then you are vulnerable to this type of attack. Attachments which end with a CLSID file extension do not show the actual full extension of the file when saved and viewed with Windows Explorer. This allows dangerous file types to look as though they are simple, harmless files - such as JPG or WAV files - that do not need to be
blocked. This method can also circumvent attachment checking in some email content filtering solutions.

The enclosed attachment looks like a simple JPG file but is actually a CLSID file that contains code. If you open this file, it creates a text file on your desktop, gfi-test.txt, that has read vital information about your system.

* If you cannot run this file

If you are unable to run the file, this means you have effective client-based email security. Note that, for your network to be secure, every machine on your network must have such client-based protection installed,
including your servers. Server level security is
recommended as additional protection.



3) VBS attachment vulnerability test E-Mail
(As I passed this one also, for now I have 100% efficiency)



Your mail server has just accepted and sent you an email containing a .vbs attachment! This means it is relying on desktop level security to protect you. You should now try to run the attachment.

* If you can run this file

If you can run this file, then you are vulnerable to attacks by email viruses like the LoveLetter, and AnnaKournikova. VBS files contain commands which, when executed, can do virtually anything on the recipient's PC. This includes running malicious code such as viruses and worms. As you can see, the enclosed attachment has read vital information about your system, showing you that, in fact, it could have done anything it wanted on your system had it contained harmful code.

* If you cannot run this file

Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //