Google has just patched a critical Gmail vulnerability that allowed hackers to send fake emails
Security researcher Allison Husain discovered a Gmail security vulnerability that Google has just fixed. According to Husain, the cause of the problem lies in the lack of a verification mechanism when configuring email routes.
"Both Gmail and G Suite's strict DMARC / SPF policy can be circumvented by using G Suite mail routing rules to forward and grant authentication to spoofed emails," says Husain.
Husain discovered the problem in early 2020 and reported it to Google on 3/4/2020. Google took up the issue on April 16, 2020, but later rated the vulnerability at only priority level 2, severity level 2, and then marked it as a duplicate.

When Husain informed Google of the plan to make the vulnerability public on August 17, Google said a patch was under development and expected to roll out on September 17. Under Google's policy, a vulnerability is to be patched within 90 days of being reported to Google, and after this deadline a developer can publicize the vulnerability they discovered. In Husain's case, the Gmail vulnerability had still not been patched 137 days after it was reported.
Therefore, Husain decided to publicize the vulnerability on August 19 to push Google to quickly take measures to protect users. Husain's decisive action forced Google to immediately take corrective measures.
Within 7 hours of Husain publishing details of the vulnerability, Google released a patch.