Email users who use PGP / GPG or S / MIME encryption to protect their correspondence are at risk of being intercepted by intruders.
A vulnerability, called EFAIL, was reported by a group of nine researchers working at the University of Applied Sciences in Münster. One of the participants in the study, Sebastian Shinzel, spoke about the vulnerability in Twitter.
There are currently no reliable fixes for the vulnerability. If you use PGP / GPG or S / MIME for very sensitive communication, you should disable it in your email client for now. Also read @ EFF’s blog post on this issue: https://t.co/zJh2YHhE5q #efail 2/4
– Sebastian Schinzel (@seecurity) May 14, 2018
According to him, there is no way to eliminate "a hole" currently does not exist. Shinzel also strongly recommended to disable the encryption function in the mail client, and temporarily use other communication channels.
The specialists intend to publish detailed information on the vulnerability on Tuesday, May 15.