Slashdot Mirror
Windows 10 Bundled a Password Manager with a Security Flaw (bleepingcomputer.com)
An anonymous reader writes: A Google security researcher has found and helped patch a severe vulnerability in Keeper, a password manager application that Microsoft has been bundling with some Windows 10 distributions this year... "This is a complete compromise of Keeper security, allowing any website to steal any password," Tavis Ormandy, the Google security researcher said, pointing out that the password manager was still vulnerable to a same vulnerability he reported in August 2016, which had apparently been reintroduced in the code.
Based on user reports, Microsoft appears to have been bundling Keeper as part of Windows 10 Pro distributions since this past summer.
The article reports that Keeper issued a fix -- browser extension version 11.4 -- within less than 24 hours.
Based on user reports, Microsoft appears to have been bundling Keeper as part of Windows 10 Pro distributions since this past summer.
The article reports that Keeper issued a fix -- browser extension version 11.4 -- within less than 24 hours.
Windows 10 IS IN ITSELF a MAJOR security flaw... I think its too precious to call out one tiny piece of Windows 10 and complain about its security flaw.... Of course I will be ruthlessly downmodded by the Windows astroturfing squad... Do your worst, as MOST of us with half a clue know I'm right...
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)