ProtonVPN and NordVPN patched up vulnerabilities before they became known

best vpn services protonvpn interface
Mark Coppock/Digital Trends

Following the announcement from Cisco Talos that both NordVPN and ProtonVPN’s internet traffic obfuscating services were vulnerable to a newly discovered bug, both companies have come out with statements of their own to calm the fears of their users. It turns out that the respective flaws were patched out weeks ago, back when no one had heard anything about them.

The flaws in question piggybacked a patch applied by both companies to a bug discovered earlier this year. That April fix had its own flaw in it, according to ZDNet, which made it possible for a theoretical attacker to take control of the user’s system by exploiting the design of both NordVPN and ProtonVPN’s clients. Fortunately, those bugs were patched out well before the general public was made aware of them.

“The vulnerability described in their report no longer exists on our systems. When it did, it was completely undocumented and quite possibly unknown to anyone in the world,” NordVPN said on its blog. “When they discovered the CVE vulnerability in our and other VPN providers’ systems, Talos Intelligence, like all ethical security research firms, approached us with the news first before publishing it. They waited until we fixed the problem before publishing their findings to ensure that no VPN users were exposed to any additional risk.”

ProtonVPN released its own statement to ZDNet, claiming that the fix it has now implemented would eliminate all bugs of this type, but it will continue to investigate the issue to make sure.

Also of import is the fact that this particular exploit required hard access to a victim’s machine in the first place. That meant that even if this bug hadn’t been patched out, an attacker would have to have physical or remote access to the machine through a guest account or malware attack to execute the VPN exploit. As NordVPN pointed out in its blog post, if a hacker already has such access to a system, there are many other options they would have to further the attack. This exploit would merely be one extra attack vector.

With that in mind, this security breach wasn’t as damaging as some may have made out, but regardless, it’s good to see companies like NordVPN and ProtonVPN responding so swiftly to the problem.

If you want to make sure that your system is as protected as it can be, just run the updater within your VPN software to download the latest version if it hasn’t done so automatically.

For a look at some of our favorite VPNs, here’s our guide to the best.

Computing

Apple’s unsafe Mac App Store is simply inexcusable

Multiple reports have indicated top apps in the Mac App Store have been stealing sensitive data right. Not only did Apple fail to properly vet them, it ignored warnings from security researchers for weeks. Is a safe app store too much to…
Computing

The sequel to the Pixelbook is coming. Here's everything we know about it

What will the Pixelbook 2 be like? Google hasn't even announced it but thanks to rumors and leaks, we think we have a pretty good idea of what the potential new flagship Chromebook will be like.
Computing

Security flaw on modern PCs could leave your encrypted data exposed

Hackers can revive the decade-old cold boot attack to steal your data by exploiting weaknesses in a modern PC's or Mac's firmware, researchers discovered. The hack requires attackers to have physical access to your PC.
Mobile

Brexit may get messy, but free EU roaming is safe, U.K. government says

The U.K. government and networks have spoken out regarding the continuation of free mobile roaming throughout the EU, even if a no-deal Brexit happens next year, stating charges will not be reintroduced.
Deals

The best laptop deals for September 2018

Whether you're getting ready for a new school year, shopping for a special student, or just need a new computer, we've got you covered: These are the best laptop deals going, from discounted MacBooks to an on-the-go gaming PC.
Deals

Black Friday 2018: When it happens and where to find the best deals

Black Friday is the biggest shopping holiday of the year, and it will be here before you know it. If you can't wait until November 23 to start formulating a shopping plan, we've got you covered.
Web

Firefox Reality wants to bring the ‘whimsical web’ to VR

Mozilla launched a VR-powered web browser today called Firefox Reality. But just what does browsing the web in VR feel like? We went hands-on with this new browser to see how Mozilla imagines the future of virtual reality content.
Computing

A vigilante botnet is taking out crypto-jacking malware

A new botnet is on the rise but it isn't being used to take down websites or hack servers, it's going after crypto-jacking malware. When it discovers the malware on a website, it takes it over before destroying them both.
Computing

New monitors from Philips are sleek, color-accurate, cost less than $200

Phillips' new E-Series line of monitors bring thin-bezel, color accurate 1080p IPS LED displays to the market in three different sizes without breaking the bank, while also packing in AMD FreeSync technology for gamers.
Computing

Facebook appears set on crafting custom silicon for augmented reality devices

Facebook's latest job postings are seeking engineers and developers for custom augmented reality chipsets, and seem to support speculation that the company is looking to produce AR glasses.
Computing

Windows handwriting-recognition tool may pose security risk

A Windows file that is designed to help improve the platform's ability to translate your handwritten notes into readable text may be a security concern. One researcher found it contained passwords and email contents.
Computing

Nvidia GeForce RTX 2080 vs. RTX 2080 Ti

Nvidia's RTX 2080 Ti is a beast of a graphics card, packing in RT, Tensor, and CUDA cores to enhance your gaming experience. We'll compare the Ti variant to the standard RTX 2080, and we'll let you know which card to buy.
Computing

Nvidia GeForce RTX 2080 vs. GTX 1080

Should you upgrade from your GeForce GTX 1080 to the GeForce RTX 2080? Even if you won't take advantage of ray tracing, there are other benefits to the RTX series. We'll examine how each GPU performs to help you decide.
Computing

We tested Nvidia’s RTX 2080 and 2080 Ti. Are they a worthy upgrade?

We finally have Nvidia's newest graphics cards, the RTX 2080 and 2080 Ti, and put them through our standard suite of benchmarks and game tests to see how they performed in a standard play of Battlefield 1 and Fornite. How do they compare to…