Vulnerability detected in windows 10 password manager

Windows 10 comes standard with a password manager called Keeper. This comes installed by default on devices with this operating system. But, a critical vulnerability has been detected that could cause login keys to be exposed. Also, according to Tavis Ormandy, this is not the first failure that has been detected so far. What has gone wrong?

Vulnerability detected in Windows 10 password manager

The computer security expert had installed a copy of Windows 10 downloaded from the Microsoft Developer Network. This preinstalled password manager appears to have been found to have a critical vulnerability in this copy. This failure allows any website to steal our login passwords.

I created a new Windows 10 VM with a pristine image from MSDN, and noticed a third party password manager is now installed by default. It didn't take long to find a critical vulnerability.

- Tavis Ormandy (@taviso) December 15, 2017

Vulnerability in the password manager

Although it seems that in this case it is not a Microsoft development nor does it belong to the Windows 10 code itself, since the company offers its users software developed by third parties so that users can make use of it. This is where the critical failure was detected. It allows any web page to steal Windows 10 user passwords. The problem has already been reported to Microsoft.

The Keeper developers have already released the solution once the problem was reported to them. In addition, they have made an automatic update available to users to install the new version of the manager. Although, it seems that Microsoft continues to offer a vulnerable version. So Microsoft is taking too long to offer this new version.

Therefore, for users who use the password manager, it is best to download the new version of Keeper. While it is expected that the corrected version of this manager will arrive in Windows 10 soon.

Hackeread Font