There has been active commentary about the “EFAIL” paper released May 14 by a German and Belgian research team that presented potential vulnerability in PGP and S/MIME encrypted emails. The Zimbra Security team has analyzed the paper and tested Zimbra for any exposure to the EFAIL attack patterns.
Good news. Zimbra S/MIME solutions are not affected by the issues described in EFAIL. Zimbra is not only rendering HTML content directly, but we also have a mechanism in place that prevents this pattern.
It is important to note the precondition specified by the authors: “To create these exfiltration channels, the attacker first needs access to the encrypted emails.” That’s a pretty high bar in most cases.
So EFAIL is a problem that needs to be taken seriously but at a more objective distance.
Zimbra will monitor the situation around EFAIL, while we also continue to investigate and invest in additional barriers for these types of attacks.
What should Zimbra users do in the meantime?
- If you are using Zimbra’s S/MIME java applet solution or server side solution, you don’t have to do anything.
- If you are using a third party client, then please check the FAQ section of the EFAIL report page (https://efail.de/#faq) to see if your client is affected.
- If your client is affected, we recommend you follow the authors’ recommendations from the Mitigations section of this page that we’ve copy & pasted below:
Here are some strategies to prevent EFAIL attacks:
Short term: No decryption in email client. The best way to prevent EFAIL attacks is to only decrypt S/MIME or PGP emails in a separate application outside of your email client. Start by removing your S/MIME and PGP private keys from your email client, then decrypt incoming encrypted emails by copy & pasting the ciphertext into a separate application that does the decryption for you. That way, the email clients cannot open exfiltration channels. This is currently the safest option with the downside that the process gets more involved.
Short term: Disable HTML rendering. The EFAIL attacks abuse active content, mostly in the form of HTML images, styles, etc. Disabling the presentation of incoming HTML emails in your email client will close the most prominent way of attacking EFAIL. Note that there are other possible backchannels in email clients which are not related to HTML but these are more difficult to exploit.
Medium term: Patching. Some vendors will publish patches that either fix the EFAIL vulnerabilities or make them much harder to exploit.
Long term: Update OpenPGP and S/MIME standards. The EFAIL attacks exploit flaws and undefined behavior in the MIME, S/MIME, and OpenPGP standards. Therefore, the standards need to be updated, which will take some time.