Sebastian Schinzel, a professor of Computer Security at the Munster University of Applied Sciences, this week issued a dire warning about a critical flaw in the S/MIME and OpenPGP encryption tools, which would allow attackers to read supposedly encrypted emails in plaintext form. Schinzel and his team's research has been corroborated by Electronic Frontier Foundation (EFF), and has been described in detail by the researchers in a paper published earlier today
. The flaw, named EFAIL, reportedly affects both sent and received messages, including past correspondence. According to Schinzel, no fixes currently exist for the vulnerability, and the best thing users can do for now is to disable the relevant encryption standards.