Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
Tech
News18 » Tech
1-min read

Mozilla Firefox Patch Released for Flaw that Allowed Saved Passwords to be Copied

According to the released patch notes, the vulnerability allowed users to copy saved passwords from the Firefox password manager without needing the master password.

News18.com

Updated:August 16, 2019, 7:41 PM IST
facebookTwitterskypewhatsapp
Mozilla Firefox Patch Released for Flaw that Allowed Saved Passwords to be Copied
According to the released patch notes, the vulnerability allowed users to copy saved passwords from the Firefox password manager without needing the master password.
Loading...

Mozilla has released a patch for a flaw in its Firefox browser's password management system. According to the now-patched flaw, users could access the saved passwords section of the Firefox browser, right click on any of the saved passwords, and copy them to a text file. While every browser does allow users to see saved passwords, that is done by entering a master password, which in case of Firefox's vulnerability (listed as CVE-2019-11733) could be bypassed.

Firefox has disclosed the vulnerability, which was detailed by Sophos' Naked Security cyber vulnerability research blog, and stated that the issue has now been fixed. There was also a second reported vulnerability, which stated that Firefox's password manager is enabled by default without the use of a master password, when the browser is accessed for the first time. This potentially leaves all saved passwords vulnerable to local attacks without any secondary protection level, which is also something that Mozilla will have likely paid attention to.

The master password in question is often system-drawn, like in the case of Google Chrome, where the PC's password doubles up as the master password for the password manager database. If automatic updates have not been received yet, users are advised to manually check for the patch, and update their versions of Mozilla Firefox browser to the latest version available.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: ---
Read full article
Loading...
Next Story
Next Story

Also Watch

facebookTwitterskypewhatsapp

Live TV

Loading...
Countdown To Elections Results
To Assembly Elections 2018 Results