The Email Exploit engine 

Introduction to e mail exploits 

What is an exploit? 

An  exploit  uses  known  vulnerabilities  in  applications  or  operating 

systems to compromise the security of a system, for example execute 

a program or command, or install a backdoor. It "exploits" a feature of 

a program or the operating system for its own use. 

What is an e mail exploit? 

An  email  exploit  is  an  exploit  launched  via  email.  An  email  exploit  is 

essentially an exploit that can be embedded in an email, and executed 

on the recipient's machine either once the user opens or receives the 

email.  This  allows  the  hacker  to  bypass  firewalls  and  anti virus 

products. 

Difference between Anti Virus software & Email exploit 

detection software 

Anti virus  software  is  designed  to  detect  malicious  code.  It  does  not 

necessarily analyze the method being used to execute the code.  

The email exploit detection engine analyses emails for exploits   i.e., it 

scans  for  methods  to  execute  a  program  or  command  on  the  user's 

system. The email exploit engine does not check whether the program 

is  malicious  or  not.  Rather,  it  assumes  a  security  risk  if  an  email  is 

using  an  exploit  in  order to  run  a  program  or command    whether  or 

not the actual program or command is malicious.  

In  this  manner,  the  email  exploit  engine  works  like  an  intrusion 

detection  system  (IDS)  for  email.  The  email  exploit  engine  might 

cause more false positives, but it is more secure than a normal anti 

virus  package,  simply  because  it  uses  a  totally  different  way  of 

checking for e mail threats. 

Furthermore, the email exploit engine is optimized for finding exploits 

in email, and can therefore be more effective at this job than a general 

purpose anti virus engine.  

The Email Exploit engine 

 59