Google finds a vulnerability in Windows 10’s Password Manager

تعرفه تبلیغات در سایت
عنوان عکس
عنوان عکس
عنوان عکس
عنوان عکس
عنوان عکس

جستجوگر

یافته ها در جستجو

    امکانات وب

    آرشیو مطالب

    برچسب ها

    Google’s Security Researcher Tavis Ormandy has discovered a bug in Windows 10’s Password Manager which allows attackers to steal passwords. The flaw is with third-party Keeper password manager app which comes installed Windows 10 devices. Tavis says that the flaw is similar to the one he discovered back in 2016.

    I remember filing a bug a while ago about how they were injecting privileged UI into pages. “I checked and, they’re doing the same thing again with this version.

    – Tavis Ormandy

    Tavis demonstrated the attack and shared the details as a part of Project Zero. The bug is subjected to a 90-day disclosure deadline which means that once 90 days are up, Tavis is free to share the details about the bug and how to exploit it publically.

    This might sound scary but Keeper has already flagged the issue and as of yesterday, a new update has been pushed to fix the issue. The company addressed it in a blog post:

    All customers running Keeper’s browser extension on Edge, Chrome and Firefox have already received Version 11.4.4 through their respective web browser extension update process. Customers using the Safari extension can manually update to version 11.4.4 by visiting Keeper’s download page. No reports of any customers affected by this bug have been reported to Keeper. Mobile Apps and Desktop Apps were not affected and do not require updates.

    We hope that the new update fixes the issue and as an advisory, we recommend you to have all the apps up-to-date to prevent any attacks. You can download the extension for Edge from the Microsoft Store below.

    Keeper - Password Manager & Secure File Storage

    Developer: Keeper Security Inc

    Price: Free+

    Via: Windows Latest; Project Zero; Keeper

    Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.

    Related
    نویسنده : محمد رضا جوادیان بازدید : 1 تاريخ : دوشنبه 27 آذر 1396 ساعت: 13:40
    برچسب‌ها :
    اخبار و رسانه هاهنر و ادبیاترایانه و اینترنتعلم و فن آوریتجارت و اقتصاداندیشه و مذهبفوتو بلاگوبلاگ و وبلاگ نویسیفرهنگ و تاریخجامعه و سیاستورزشسرگرمی و طنزشخصیخانواده و زندگیسفر و توریسمفارسی زبان در دیگر کشورها