4) ActiveX vulnerability test E-Mail
(Ooops, it's like 3 out of 4 as I flunked this one. Exploit created txt file on my Desktop and automatically started it)
The ActiveX component exploit test has just been performed on your computer. Opening this mail automatically activates the test.
* If you can see gfi-test.txt
If the text file gfi-test.txt appears on your desktop, then you are vulnerable to this exploit.
ActiveX within HTML content can circumvent security measures in certain circumstances. Vulnerabilities within Internet Explorer and Outlook allow such content to be executed. The text file demonstrates that it has read vital information about your system.
* If you cannot see gfi-test.txt
If you are cannot see the file, this means you have effective client-based email security. Note that, for your network to be secure, every machine on your network must have such client-based protection installed, including your servers. Server level security is recommended as additional protection.
GFI's Email Security Testing Zone is a pretty nice concept and I hope the new tests will be added every now and then. As regarding Outlook and Outlook Express security problems, the question is why to use them when there are much better (at least more secure) e-mail clients around. If you really need to use them, Security Web sites and this 'Email Security Testing Zone' should be in your bookmarks.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.