Researchers Discover Vulnerabilities in PGP/GPG Email Encryption Plugins, Users Advised to Avoid for Now
A warning has been issued by European security researchers about critical vulnerabilities discovered in PGP/GPG and S/MIME email encryption software that could reveal the plaintext of encrypted emails, including encrypted messages sent in the past.
The alert was put out late on Sunday night by professor of computer security Sebastian Schinzel. A joint research paper, due to be published tomorrow at 07:00 a.m. UTC (3:00 a.m. Eastern Time, 12:00 am Pacific) promises to offer a thorough explanation of the vulnerabilities, for which there are currently no reliable fixes.
Details remain vague about the so-called "Efail" exploit, but it appears to involve an attack vector on the encryption implementation in the client software as it processes HTML, rather than a vulnerability in the encryption method itself. A
blog post published late Sunday night by the Electronic Frontier Foundation said:
"EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages."
In the meantime, users of PGP/GPG and S/MIME are being advised to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email, and seek alternative end-to-end encrypted channels such as Signal to send and receive sensitive content.
Update: The GPGTools/GPGMail team has posted a temporary workaround against the vulnerability, while MacRumors has compiled a separate guide to removing the popular open source plugin for Apple Mail until a fix for the vulnerability is released. Other popular affected clients include Mozilla Thunderbird with Enigmail and Microsoft Outlook with GPG4win. Click the links for EFF's uninstall steps.
Popular Stories
Bloomberg's Mark Gurman expects Apple to release new AirPods Pro this year, and he said the earbuds will have a key new feature: heart rate monitoring.
From his Power On newsletter today, with emphasis added:As for Apple's other devices, there's a lot in the fall pipeline — though many of the new products are only incremental upgrades.
There will be Apple Watch updates, faster Vision...
Apple's iPhone 17 Pro and iPhone 17 Pro Max should be unveiled in a few more weeks, and there are plenty of rumors about the devices.
In his Power On newsletter today, Bloomberg's Mark Gurman corroborated a rumor that iPhone 17 Pro models will be "available in an orange color."
Below, we recap key changes rumored for the iPhone 17 Pro models:
Aluminum frame: iPhone 17 Pro models are...
Apple will offer the upcoming iPhone 17 Pro and iPhone 17 Pro Max in a new orange color, according to Bloomberg's Mark Gurman.
Gurman made the claim in the latest edition of his Power On newsletter, adding that the new iPhone 17 Air – replacing the iPhone 16 Plus – will come in a new light blue color.
We've heard multiple rumors about a new iPhone 17 Pro color being a shade of orange. The ...
Apple has "considered" releasing a bumper case for the upcoming iPhone 17 Air, according to Bloomberg's Mark Gurman.
Similar to the bumper case that Apple introduced for the iPhone 4 in 2010, Gurman said the iPhone 17 Air version of the case would cover the edges of the device, but not the back of it. Those bumper cases were made of rubber.
Given that the iPhone 17 Air is expected to have ...
Apple will hold its annual iPhone-centric event on Tuesday, September 9 at the Apple Park campus in Cupertino, California, according to an announcement that went out today. The event will start at 10:00 a.m., with select members of the media invited to attend.
At the September 2025 iPhone event, Apple will unveil the iPhone 17 lineup, which includes an all-new ultra-thin iPhone 17 Air. It...
We're only weeks away from Apple's annual iPhone event – rumored to take place on September 9 – and along with the new iPhone 17 series, we're going to get a new version of the Apple Watch Ultra for the first time since 2023.
By the time the Ultra 3 is unveiled, it will have been two years since the previous model arrived. The intervening period has left plenty of room for enhancements,...
Apple today announced its "Awe Dropping" iPhone-centric event, which is set to take place on Tuesday, September 9 at 10:00 a.m. Pacific Time. There are a long list of products that are coming, but we thought we'd pull out five feature highlights to look forward to.
That Super Thin iPhone - Apple's September 9 event will see the unveiling of the first redesigned iPhone we've had in years, ...
Apple hasn't updated the AirPods Pro since 2022 other than a shift from Lightning to USB-C, and the earbuds are due for a refresh. According to Bloomberg's Mark Gurman, Apple will launch AirPods Pro 3 later this year, and apart from new features like heart rate monitoring, we're also expecting a few design changes.
The fourth‑generation AirPods offer useful clues to Apple's design cues for ...
