CyberNews404 - A Google security researcher has found and helped fix a severe vulnerability in the Keeper, a Windows 10 password manager application that has been bundled by Microsoft with several Windows 10 distributions this year.
"I've heard of Keepers, I remember bugging a while ago about how to inject UI privileged into the page," said Google security researcher Tavis Ormandy who discovered the vulnerability recently.
"I checked and, they do the same thing again with this version," the expert added, referring to the Keeper app that bundled with several versions of Windows 10.
"I think I've been generous in mind this is a new issue that qualifies for ninety days disclosure, as I've really just changed the same selectors and attacks. Nevertheless, this is a complete Compromise Security Keeper, which allows websites to steal any passwords, "Ormandy added.
To prove its point, Ormandy also created a demo page where the Keeper user can see the vulnerability.
The Keeper Recognizes His Error And Issues Emergency Updates
This issue affects the version of browser extension Keeper version 11.3. Tim Keeper issued an update less than 24 hours after receiving Ormandy report.
The new Keepers browser version extension 11.4 is now pushed to the user, Lurey says. And it says that the "Add to Existing" feature with the problem is disabled until they fix the vulnerability inside.
Vulnerability Has Not Been Exploited
Craig Lurey (Co-Founder and CTO Keeper Security), said the company was not aware of any attacks using this vulnerability, nor did customers report security incidents where the bugs were misused.
![[Learning Module] Metasploit The Penetration Tester's Guide : Basic Absolute For Penetration Testing](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgIGcys0kl5v0lguuoTfjDFY5pdnrH_-ZKRVMSCfvaZXodh3I3Y9Ketrvqw41ekC79J1tTzJ7k6zTOlRrGgh22Q4_3csCi_FPJ9_a3NV7R9q6zhKBV-mGj8NxY2wIU7FE0Gf2sdlkx95A/s72-c/Penetration-Tester-Guide-CyberNews404.PNG)
I am sure a lot of us are still not aware of the recent development of the Blank ATM card.. An ATM card that can change your financial status within few days. With this Blank ATM card, you can withdraw between $2,000-$3,000 -$5, 500-$8,800-$12, 000-$20,000-$35,000 -$50,000 daily from any ATM machine in the world. There is no risk of getting caught by any form of security if you followed the instructions properly. The Blank ATM card is also sophisticated due to the fact that the card has its own security making your transaction very safe and untraceable. i am not a stupid man that i will come out to the public and start saying what someone have not done. For more info contact Mr john and also on how you are going to get your order..
ReplyDeleteOrder yours today via Email: cryptoatmhacker@gmail.com