fans have been warned about a glaring security risk that could let cyber criminals steal your passwords.

The warning revolves around a password manager that recently has been bundled in with some versions of Microsoft’s flagship OS.

Google Project Zero researcher Tavis Ormandy discovered the security risk after installing Windows 10 using a fresh image from Microsoft.

He found that, as a result of the fresh Windows 10 install, Keeper Password Manager was pre-installed on his PC.

When he tested the app, he found a browser plugin the app prompted him to enable contained a terrifying bug.

In a blog post he said the security flaw represented “a complete compromise of Keeper security, allowing any website to steal any password.”

Ormandy installed Windows 10 using an image from Microsoft Developer Network (MSDN), meaning that it as meant for developers.

However, Reddit users also claimed to have received the vulnerable copy of Keeper after clean reinstalls and even on a brand new laptop.

Express.co.uk has contacted Microsoft for comment.

However, speaking to Ars Technica, a Microsoft spokesperson said: “We are aware of the report about this third-party app, and the developer is providing updates to protect customers.”

The developers of Keeper Password Manager fixed the flaw on Friday 24 hours after Ormandy privately reported the issue to them.

The security flaw was addressed in version 11.4 which removed the vulnerable “add to existing” functionality. 

Windows 10 users wouldn’t have been vulnerable unless they had opened Keeper, entered their passwords and followed promote to install the browser plugin.

The news comes after Express.co.uk revealed Windows 10 users needed to download a vital update to protect themselves from a security risk.

Windows 10 users have been put on alert about a Microsoft software vulnerability which hackers are using to infect PCs with malware and then take control of it.

The recently disclosed Microsoft Office vulnerability lets cybercriminals exploit a backdoor and deliver malware that can take control of PCs.

The CVE-2017-11882 vulnerability, which affects WordPad also, has existed for a staggering 17 years, according to cybersecurity website Security Week.

And recently hackers have been trying to exploit this to deploy the potent Cobalt malware through spam e-mails.

The e-mail contains an RTF document, and once opened users are greeted with a blank document alongside the message Enable Editing.

However, this message is only trying to cover what’s going in the background – as the malicious code gets downloaded and installed so the PC is hijacked.

The flaw has been categorised as security vulnerability CVE-2017-11882 and was fixed thanks to the updates provided on Microsoft’s November Patch Tuesday.

However, in the system requirements for all the patches available, it only mentions Windows operating systems as being supported.

Operating systems supported by the patches include Windows 10, Windows Vista, Windows 8, Windows 8.1 and Windows 7.

Outlining how the vulnerability works in a post, the Microsoft Security TechCenter said: “A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. 

“An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. 

“If the current user is logged on with administrative user rights, an attacker could take control of the affected system. 

“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”



Image & Article Source

Leave a Reply

Your email address will not be published.