Keeper vulnerability to Windows password manager

: The well-known researcher ς της Google Tavis Ormandy, ανακάλυψε μια νέα affecting Microsoft Windows users.

This time around, the bug is in the Keeper password manager application that comes preinstalled in some versions of Windows 10. Ormandy states that discovered a similar vulnerability in August of 2016.Keeper password manager

Although this bug is not a security flaw in Windows or another Microsoft product, it may expose sensitive Windows user details as attackers could steal their passwords stored in the Keeper password manager.

X X X X X X X X X X X X X X X X posted a demo to prove the vulnerability, explaining that it "allows any website to steal any password".

Microsoft, on the other hand, said it knew the issue and said it was preparing to update the application.

"We are aware of the report about this third-party app and its developer will be releasing updates to protect our customers," a spokesperson said. s.

The Keeper password manager company detected the defect and immediately released an update to the 11.4.4 version. The app extension for Edge, Chrome, and Firefox browsers is automatically updated.

The Keeper developer reports that the flaw can only be exploited if someone can lead the user to a specially designed page that can take advantage of the flaw.

"This potential vulnerability requires a Keeper user to open a malicious website while logged in to the browser extension. It then falsifies the user data using a "clickjacking" technique so that it can run code with user rights in the browser extension.

Although the defect does not exist in itself of Windows, once again raises questions about Microsoft's strategy to promote third-party software. It is currently unknown on which computers Keeper is pre-installed and under what agreement.

The good thing is that everyone can disable the app.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).