Jump to content











Photo
- - - - -

Google finds security flaw in Windows 10’s third-party pre-installed Password Manager

security flaw

  • Please log in to reply
1 reply to this topic

#1 alacran

alacran

    Platinum Member

  • .script developer
  • 2710 posts
  •  
    Mexico

Posted 18 December 2017 - 05:20 AM

Google finds security flaw in Windows 10’s third-party pre-installed Password Manager

It appears that Microsoft is bundling a Password Manager with fresh installation files of Windows 10 operating system, and over the top of that, the pre-installed Password Manager comes with a Critical Security bug. As we noted above, the critical security vulnerability comes with Windows 10 downloads.

Source: https://www.windowsl...ssword-manager/

 

Now on top of all security holes in Win10 they are also on forced install (CR)Apps.

 

alacran


  • Brito likes this

#2 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 18 December 2017 - 10:43 AM

 

“This potential vulnerability requires a Keeper user to be lured to a malicious website while logged into the browser extension, and then fakes user input by using a ‘clickjacking’ technique to execute privileged code within the browser extension,” the company behind Keeper password manager explained.

In other words, more or less what everyone does when navigating on the Internet. :frusty:

 

It is a strange world :w00t: where (sometimes) security researcher tag as critical vulnerability something that has (roughly) no chance whatsoever to happen, ever, and where (always) affected software companies attempt to minimize the (huge) risk by making what nearly every user connected to the internet does on a daily bases as the casual concurrence of a number of extremely rare events. :(

 

Besides the issue with the specific thingy, what is preoccupying, as you stated, is the MS guys adding (CR)Apps to the OS, and even more than that, even those that once were considered the "good guys" are doing the same :ph34r:, everyone is trying to downplay it, but the recent Firefox mishap is (at least to me) terrifying:

 https://drewdevault....pery-slope.html

 

 

:duff:

Wonko






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users