A test of the 'Email Security Testing Zone'
If you are unable to run the file, this means you have effective client-based email security. Note that, for your network to be secure, every machine on your network must have such client-based protection installed, including your servers. Server level security is recommended as additional protection.



4) ActiveX vulnerability test E-Mail
(Ooops, it's like 3 out of 4 as I flunked this one. Exploit created txt file on my Desktop and automatically started it)



The ActiveX component exploit test has just been performed on your computer. Opening this mail automatically activates the test.

* If you can see gfi-test.txt

If the text file gfi-test.txt appears on your desktop, then you are vulnerable to this exploit.

ActiveX within HTML content can circumvent security measures in certain circumstances. Vulnerabilities within Internet Explorer and Outlook allow such content to be executed. The text file demonstrates that it has read vital information about your system.

* If you cannot see gfi-test.txt

If you are cannot see the file, this means you have effective client-based email security. Note that, for your network to be secure, every machine on your network must have such client-based protection installed, including your servers. Server level security is recommended as additional protection.



GFI's Email Security Testing Zone is a pretty nice concept and I hope the new tests will be added every now and then. As regarding Outlook and Outlook Express security problems, the question is why to use them when there are much better (at least more secure) e-mail clients around. If you really need to use them, Security Web sites and this 'Email Security Testing Zone' should be in your bookmarks.

References:

Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //