Email Security

Neto · Post by **Neto** » Tue Feb 11, 2020 8:52 am

Has anyone here ever seen concrete evidence that a system can be hacked or infiltrated through email when the system is running exclusively in a non-administer user account, and the admin password is NOT entered when a rogue process requests it?

MaxPC · Post by **MaxPC** » Tue Feb 11, 2020 9:08 am

Neto wrote:Has anyone here ever seen concrete evidence that a system can be hacked or infiltrated through email when the system is running exclusively in a non-administer user account, and the admin password is NOT entered when a rogue process requests it?

There is that Yahoo mail hacker problem a few years ago. I’ve always used gmail or university email systems so have not had any problems, thankfully.

It may be that some systems did not have a sufficient set of firewalls or other setup.

Josh · Post by **Josh** » Tue Feb 11, 2020 12:37 pm

Neto wrote:Has anyone here ever seen concrete evidence that a system can be hacked or infiltrated through email when the system is running exclusively in a non-administer user account, and the admin password is NOT entered when a rogue process requests it?

Yes, pretty easy. The system needs to be running an OS that has a privilege escalation CVE on it.

Then the email client needs to have an open CVE that allows arbitrary code execution.

Neto · Post by **Neto** » Tue Feb 11, 2020 8:08 pm

Josh wrote:
Neto wrote:Has anyone here ever seen concrete evidence that a system can be hacked or infiltrated through email when the system is running exclusively in a non-administer user account, and the admin password is NOT entered when a rogue process requests it?
Yes, pretty easy. The system needs to be running an OS that has a privilege escalation CVE on it.

Then the email client needs to have an open CVE that allows arbitrary code execution.

Thanks, Josh. Am I correct in understanding your last sentence to say that "In order for this type of hack to be possible the email client needs to have an unresolved common vulnerability"? If so, would this mean, for instance, Thunderbird, or MS Outlook?

Josh · Post by **Josh** » Tue Feb 11, 2020 8:36 pm

Correct

Generally the only result of such attacks is ransomware.

Judas Maccabeus · Post by **Judas Maccabeus** » Tue Feb 11, 2020 9:31 pm

Josh wrote:
Neto wrote:Has anyone here ever seen concrete evidence that a system can be hacked or infiltrated through email when the system is running exclusively in a non-administer user account, and the admin password is NOT entered when a rogue process requests it?
Yes, pretty easy. The system needs to be running an OS that has a privilege escalation CVE on it.

Then the email client needs to have an open CVE that allows arbitrary code execution.

Yeah, Apple keeps patching them like wack-a-mole. So far few in the wild on Unix based platforms are able to get administrative privileges, but I found one that kept trying to execute sudo commands. Fortunately OS X 10.15 wont allow, and prompts for a password.

Can email clients do that in win10?

J.M.

MennoNet.com

Email Security

Email Security

Re: Email Security

Re: Email Security

Re: Email Security

Re: Email Security

Re: Email Security