Here’s how to protect yourself from the EFAIL vulnerability in Apple Mail on both iOS and macOS. These temporary fixes come after thenew vulnerabilitywas discovered that allows hackers to derive decrypted plaintext from encrypted emails. For the attack to work, the third party must be in possession of your encrypted S/MIME or PGP emails.
Although Apple’s likely to offer a fix to this vulnerability sooner rather than later, there are things you may do now to make your email more secure.
The Electronic Frontier Foundation (EFF) was thefirst to discoverthis vulnerability.
As previously mentioned, the first method involves removing theGPGTools/GPGMailencryption plugin from Apple Mail on macOS. To do so:
On iOS, you’ll need to just change the setting called “Load Remote Images.”To do so:
Removing EFAIL vulnerability — final words
Keep in mind this vulnerability is most likely to occur in an environment that relies on S/MIME and PGP encrypted email communications to talk in private. The average Apple Mail user is almost certainly not using any of these tools.
you may read the technical details about the vulnerability from theEFF website.
We’ll let you know when Apple pushes out a fix for this issue. In the meantime, let us know what you think about this newly discovered vulnerability in Apple Mail and other email clients by leaving a comment below.
