Risk of losing all passwords due to the password management tool preinstalled on Windows 10
Since the Windows 10 Anniversary Update (version 1607), Microsoft has included a feature called Content Delivery Manager, which silently installs recommended apps without the user's permission.
In a post on the Chromium Blog, researcher Tavis Ormandy of Google Project Zero said that a Windows 10 image he downloaded directly from the Microsoft Developer Network came with a password management tool called Keeper installed.
Ormandy is not the only one: some users on Reddit say that the Keeper Password Manager application was silently installed on their computers 6 months ago.
Serious vulnerability in the password management software
Knowing that third-party password management software is installed by default on Windows 10, Ormandy tested it and discovered a serious vulnerability, 'allowing to steal any password'.
An attacker can use Keeper to steal all the passwords stored in it
To demonstrate, he also published a PoC at https://lock.cmpxchg8b.com/keepertest.html that steals a Twitter password stored in the Keeper application.
Install the Keeper Password Manager update
Ormandy reported the vulnerability to Keeper, and the company released patch 11.4 to fix the problem (https://blog.keepersecurity.com/2017/12/15/update-for-keeper-browser-extension-v11-4/). Keeper also said they have not seen any actual attacks. "This flaw will trick users into poisoning websites, sign in with clickjacking and execute code inside the browser," said Craig Lurey, co-founder and CTO of Keeper Security.
Although Windows 10 users will not be exposed to any risk without opening this software, Microsoft still needs to explain why it is installed on the machine without the user's permission.
If you want, you can apply this registry tweak to disable the Content Delivery Manager and prevent Microsoft from installing unwanted applications on the PC: https://github.com/WinPEGuy/OSConfig/blob/master/OSConfig%20Samples/Settings/Windows%2010/(w10)%20Content%20Delivery%20Manager%20-%20PreInstalledAppsEnabled%20-%20No.reg
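The registry change described above, as an added PowerShell example that is not from the article or the linked repository: it reports the current user's Content Delivery Manager settings, sets them to 0 when run with -Apply, and lists any Keeper package already installed. The key path, the two value names other than PreInstalledAppsEnabled, and the *Keeper* package wildcard are assumptions.

```powershell
# Added example: audit (and with -Apply, disable) Content Delivery Manager
# app pre-installs for the current user.
# Assumptions: the key path below, and the value names other than
# PreInstalledAppsEnabled, are not stated in the article.
param([switch]$Apply)

$cdmKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager'
$valueNames = 'PreInstalledAppsEnabled',
              'OemPreInstalledAppsEnabled',
              'SilentInstalledAppsEnabled'

function Get-CdmState {
    foreach ($name in $valueNames) {
        $current = (Get-ItemProperty -Path $cdmKey -Name $name `
                        -ErrorAction SilentlyContinue).$name
        [pscustomobject]@{
            Value       = $name
            Current     = if ($null -eq $current) { 'not set' } else { $current }
            # A missing value is treated as "not disabled" so it gets set to 0.
            NeedsChange = ($current -ne 0)
        }
    }
}

$before = Get-CdmState
$before | Format-Table -AutoSize

if ($Apply) {
    if (-not (Test-Path $cdmKey)) {
        New-Item -Path $cdmKey -Force | Out-Null
    }
    foreach ($row in ($before | Where-Object NeedsChange)) {
        Set-ItemProperty -Path $cdmKey -Name $row.Value -Value 0 -Type DWord
    }
    # Show the state again so the change can be confirmed.
    Get-CdmState | Format-Table -AutoSize
}

# The registry change only affects future installs; list any Keeper
# package that is already present for this user (wildcard is an assumption).
Get-AppxPackage -Name '*Keeper*' |
    Select-Object Name, Version, InstallLocation
```

Run without -Apply first to see the current state; the settings are per user, so repeat for each profile on the machine.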