Google has fixed a major security issue affecting Gmail and G Suite mail servers.
The error could allow an attacker to send fake messages impersonating any Gmail or G Suite client.
According to security researcher Allison Husain, who found and reported the problem to Google in April, the bug also allowed attackers to deliver spoofed emails post officeυ σύμφωνα με το SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting, and Conformance ), two of the most advanced email security standards.
However, despite the fact that Google had 137 days to fix the problem, it delayed the updates, planning to fix the error sometime in September.
Google engineers changed their minds yesterday when Husain published details for the error in her blog, along with a PoC.
Seven hours after the announcement, Google told Husain that it had developed a patch to block any attacks that take advantage of the issue, but work will be completed with final updates in September.
Google's patch has already been applied to the server, which means that the users Gmail and G Suite users don't need to do anything.