London, UK, 12 April 2001 - GFI, leading developer of email content checking & anti-virus software, warns that HTML email viruses are becoming more dangerous and harder to block. Referring to the latest vulnerability to be found in HTML mail that allows viruses to be triggered automatically, GFI cautioned that more HTML email viruses are on their way and announced that Mail essentials, its server level email content checking and anti-virus solution, blocks this new breed of virus.

The vulnerability recently discovered in HTML mail makes it possible for an email message to run an embedded file attachment when the user simply previews that message in Outlook or Outlook Express. This means the user does not need to open the attachment to activate the virus; in fact, the attachment is invisible to the recipient. This new vulnerability lies in a Malformed Content Type tag, which is exploited using an IFRAME tag. Through the IFRAME tag, a malicious user is able to automatically run his/her file.

A patch that partially fixes this vulnerability has been issued, but it is not a total solution (see http://www.microsoft.com/technet/security/bulletin/ms01-020.asp for more information). For full protection, email content filtering at server level is essential.

"HTML mail viruses are becoming more sophisticated and more difficult to detect and stop. The recently discovered vulnerability is a clear example of how dangerous HTML mail scripting can be. Exploits like this indicate that other such HTML viruses lie close ahead," said Nick Galea, GFI CEO.

"Mail essentials protects against this type of virus in two ways. Through its file checking module, Mail essentials blocks infected attachments, even if they are hidden. Through its script checking function, Mail essentials removes the actual script that runs the exploit, including IFRAME and other tags that automatically run files," Mr. Galea explained. "All this is done at email server level, before the email is forwarded to the recipient. This way, organizations are secure against this new type of HTML mail virus."

About Mail essentials
Mail essentials for Exchange/SMTP is an email content checking and anti-virus solution that removes all types of email-borne threats before they can affect an organization's email users. Spam, viruses, dangerous attachments and offensive content can be removed before the email users can receive them. More information can be found at http://www.gfi.com/me/index.html. The full version of Mail essentials is available from $350.

Über GFI
GFI Software bietet als führender Software-Hersteller eine umfassende Auswahl an Netzwerksicherheits-, Inhaltssicherheits- und Kommunikationslösungen aus einer Hand, um Administratoren einen reibungslosen Netzwerkbetrieb zu ermöglichen. Mit seiner mehrfach ausgezeichneten Technologie, einer konsequenten Preisstrategie und der Ausrichtung an den Anforderungen kleiner und mittlerer Unternehmen erfüllt GFI höchste Ansprüche an Effizienz und Produktivität. Das Unternehmen wurde 1992 gegründet und ist mit Niederlassungen auf Malta sowie in London, Raleigh, Hongkong, und Adelaide vertreten und betreut über 200.000 Installationen weltweit. GFI bietet seine Lösungen über ein weltweites Netz von mehr als 10.000 Channel-Partnern an und ist Microsoft Gold Certified Partner. Weitere Informationen stehen zum Abruf bereit unter http://www.gfisoftware.de.

Alle hier aufgeführten Produkte und Firmennamen sind Marken der jeweiligen Eigentümer.