Friday, Mar 29, 2024 | Last Update : 08:56 PM IST

  Technology   In Other news  17 Dec 2017  Windows 10 shipped with a bug-ridden password manager, patched now

Windows 10 shipped with a bug-ridden password manager, patched now

THE ASIAN AGE
Published : Dec 17, 2017, 6:19 pm IST
Updated : Dec 17, 2017, 6:19 pm IST

Third-party app Keeper on Windows 10 came with a bug that allowed any website to steal passwords.

It was surprising that this kind of vulnerable app came with a legal copy of Windows 10.
 It was surprising that this kind of vulnerable app came with a legal copy of Windows 10.

Microsoft is one of those developers that prefer to include a lot of third-party apps with their genuine copies of Windows 10. Windows 10 has been trying to imitate the mobile platforms such as Android and iOS lately and therefore comes with many apps to aid computing in the current times. However, one third-party app, that was meant to provide convenience during logging into accounts, has surfaced with a dangerous bug.

Google Project Zero researcher Tavis Ormandy has discovered a serious flaw in Keeper, a password manager app bundled with the latest versions of Windows 10. When the plugin for the following app was enabled in web browsers, a serious bug allowed for any website to steal passwords. It was surprising that this kind of vulnerable app came with a legal copy of Windows 10.

However, in another report by Ars Technica, Microsoft has confirmed that the bug has been ironed out with a patch and users will need to get the latest security update on their Windows PCs. Also, the plugin was only vulnerable if users had activated it in the browser.

While this may not be a serious issue, it focuses attention towards Microsoft’s initial software testing before a public rollout. Software developers should focus their attention towards testing the vulnerabilities that third-party software brings into the system.

(source)

Tags: microsoft, windows 10, bugs