Researchers Discover Vulnerabilities in PGP/GPG Email Encryption Plugins, Users Advised to Avoid for Now

by

A warning has been issued by European security researchers about critical vulnerabilities discovered in PGP/GPG and S/MIME email encryption software that could reveal the plaintext of encrypted emails, including encrypted messages sent in the past.

GPGMail pane
The alert was put out late on Sunday night by professor of computer security Sebastian Schinzel. A joint research paper, due to be published tomorrow at 07:00 a.m. UTC (3:00 a.m. Eastern Time, 12:00 am Pacific) promises to offer a thorough explanation of the vulnerabilities, for which there are currently no reliable fixes.


Details remain vague about the so-called "Efail" exploit, but it appears to involve an attack vector on the encryption implementation in the client software as it processes HTML, rather than a vulnerability in the encryption method itself. A blog post published late Sunday night by the Electronic Frontier Foundation said:

"EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages."

In the meantime, users of PGP/GPG and S/MIME are being advised to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email, and seek alternative end-to-end encrypted channels such as Signal to send and receive sensitive content.

Update: The GPGTools/GPGMail team has posted a temporary workaround against the vulnerability, while MacRumors has compiled a separate guide to removing the popular open source plugin for Apple Mail until a fix for the vulnerability is released. Other popular affected clients include Mozilla Thunderbird with Enigmail and Microsoft Outlook with GPG4win. Click the links for EFF's uninstall steps.

Tags: Encryption, Security

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article154 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
iphone 17 pro dark blue 1

iPhone 18 Pro Max Rumored to Deliver Next-Level Battery Life

Friday February 6, 2026 5:14 am PST by
The iPhone 18 Pro Max will feature a bigger battery for continued best-in-class battery life, according to a known Weibo leaker. Citing supply chain information, the Weibo user known as "Digital Chat Station" said that the iPhone 18 Pro Max will have a battery capacity of 5,100 to 5,200 mAh. Combined with the efficiency improvements of the A20 Pro chip, made with TSMC's 2nm process, the...
Read Full Article107 comments

Top Rated Comments

flyinmac Avatar
flyinmac
101 months ago
Hmm.... security protocol creates a vulnerability. To protect yourself, stop encrypting your emails???

Interesting.
Score: 12 Votes (Like | Disagree)
arekm Avatar
arekm
101 months ago
This looks like another clickbait by (almost pseudo) research teams. The problem is within mail software and not PGP encryption standard or tools.

https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
Score: 7 Votes (Like | Disagree)
rodpascoe Avatar
rodpascoe
101 months ago
Oh the irony.
Score: 6 Votes (Like | Disagree)
flyinmac Avatar
flyinmac
101 months ago
Hope the alert was not sent by email LOL
Going back to using birds to deliver my messages. Considered pigeons... but I want a bird that can shred anyone who tries to intercept my message. Decided on Hawks.
Score: 4 Votes (Like | Disagree)
Detektiv-Pinky Avatar
Detektiv-Pinky
101 months ago

<snip>
From what I've read, it's a bug in PGP, not mail
I heard differently. It is supposedly a bug affecting any kind of Email encryption using MIME and automatically loading remote content. Also the in-build S/MIME encryption is at risk.
Score: 3 Votes (Like | Disagree)
belvdr Avatar
belvdr
101 months ago
From what I've read, it's a bug in PGP, not mail
It's a problem in the mail user agent (MUA), not PGP/GPG. From the mailing list:

https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html


The topic of that paper is that HTML is used as a back channel to create an oracle for modified encrypted mails. It is long known that HTML mails and in particular external links like <img href="tla.org/TAG"/> are evil if the MUA actually honors them (which many meanwhile seem to do again; see all these newsletters). Due to broken MIME parsers a bunch of MUAs seem to concatenate decrypted HTML mime parts which makes it easy to plant such HTML snippets.

There are two ways to mitigate this attack

- Don't use HTML mails. Or if you really need to read them use a
proper MIME parser and disallow any access to external links.

- Use authenticated encryption.
It also appears that some versions of OpenPGP already use authenticated encryption. From what I'm reading, this is a really old bug that many wanted to get fixed, but the MUAs fail to fix it.
Score: 3 Votes (Like | Disagree)
Read All Comments