Google, Microsoft and Yahoo Close Email Vulnerability

By -

Google, Microsoft and Yahoo have also fixed a vulnerability in its e-mail systemsThe error stuck, according to the US-CERT in the DKIM (DomainKeys Identified Mail) mentioned mechanism for signing e-mails. This made it possible to pretend that a message was sent to their e-mail systems.

The problem is that the three operators have used for DKIM keys with a length of less than 1024 bits. Even with 1024-bit RSA keys are now considered by some to be unsafe because it is relatively easy using the cloud computing over the available computing power, it by brute force method to crack.

First, the mathematician Zachary Harris had reported the vulnerability. He had received an email that supposedly come from a recruiter at Google. The header of the message, which shows who is the sender did not seem to be tampered with. Harris noted, however, used the weak DKIM keys.

As Wired reported, Harris cracked the key. Then he turned to e-mail to the Google founders Larry Page and Sergey Brin, as he left the e-mail suggested a refined setting test. He received no answer. Instead, he noted that Google introduced in the following years with a key length of 2048 bits.

According to Harris, other companies are affected. Ebay and Twitter translated accordingly with a key length of 512 bits. In financial services like PayPal and HSBC there are 768 bits.

In its security advisory advises US-CERT to replace all RSA keys with a length of less than 1024 bits to allow the shorter key either in test environments or production systems. Microsoft distributed since the beginning of the month a patch via Windows Update, which increases the need for Windows Certificates RSA key length of at least 1024 bits, to enhance the security of certificates.

He has over 5 years of experience as Online Media and Marketing Consultant, which allow him to enable companies to enhance and meet their Digital marketing goals. He has experience as both in-house and Agency Digital Marketing Experts. Ha has spent the most recent 4 years of his career focusing building Strong terms of Digital Marketing for his clients. In addition to his strengths on Building Brands and Serving Online Marketing strategy for his clients.

Comments are closed.