Bluemail
Monthly
Protection-mechanism bypass in BlueMail 1.140.103 and earlier on Windows lets attackers deliver files that are saved via the attachment-interaction feature without a Mark-of-the-Web (MOTW) tag, defeating Windows SmartScreen, Office Protected View, and third-party security software that rely on the MOTW zone identifier. Publicly available exploit code exists; the flaw is not listed in CISA KEV and EPSS is low (0.48%, 38th percentile), indicating no confirmed widespread exploitation yet. The practical effect is that a malicious document or executable arriving by email loses the 'downloaded from the Internet' provenance that would normally trigger a warning or block.
Protection-mechanism bypass in BlueMail 1.140.103 and earlier on Windows lets attackers deliver files that are saved via the attachment-interaction feature without a Mark-of-the-Web (MOTW) tag, defeating Windows SmartScreen, Office Protected View, and third-party security software that rely on the MOTW zone identifier. Publicly available exploit code exists; the flaw is not listed in CISA KEV and EPSS is low (0.48%, 38th percentile), indicating no confirmed widespread exploitation yet. The practical effect is that a malicious document or executable arriving by email loses the 'downloaded from the Internet' provenance that would normally trigger a warning or block.