Google has patched a major security flaw affecting email servers of Gmail and G Suite.
The error could allow an attacker to send fake messages that mimic any Gmail or G Suite client.
According to security researcher Allison Husain, who found and reported the problem to Google in April, the bug also allowed attackers to forward spoofed emails according to SPF (Sender Policy Framework) και το DMARC (Domain-based Message Authentication, Reporting, and Conformance ), two από τα πιο προηγμένα πρότυπα better safetys email.
However, despite the fact that Google had 137 days to fix the problem, it delayed the updates, planning to fix the error sometime in September.
Google engineers changed their minds yesterday when Husain published details for the error in her blog, along with a PoC.
Seven hours after the publication, Google told Husain that it had developed a patch to block any attacks that leverage the reported issue, but work will be completed with final updates in September.
The Google patch has already been applied to the server, which means that Gmail and G Suite users need to do nothing.
