Skip to main content
  1. Home
  2. Computing
  3. News

ProtonVPN and NordVPN patched up vulnerabilities before they became known

Jon Martindale
By
Mark Coppock/Digital Trends

Following the announcement from Cisco Talos that both NordVPN and ProtonVPN’s internet traffic obfuscating services were vulnerable to a newly discovered bug, both companies have come out with statements of their own to calm the fears of their users. It turns out that the respective flaws were patched out weeks ago, back when no one had heard anything about them.

The flaws in question piggybacked a patch applied by both companies to a bug discovered earlier this year. That April fix had its own flaw in it, according to ZDNet, which made it possible for a theoretical attacker to take control of the user’s system by exploiting the design of both NordVPN and ProtonVPN’s clients. Fortunately, those bugs were patched out well before the general public was made aware of them.

Recommended Videos

“The vulnerability described in their report no longer exists on our systems. When it did, it was completely undocumented and quite possibly unknown to anyone in the world,” NordVPN said on its blog. “When they discovered the CVE vulnerability in our and other VPN providers’ systems, Talos Intelligence, like all ethical security research firms, approached us with the news first before publishing it. They waited until we fixed the problem before publishing their findings to ensure that no VPN users were exposed to any additional risk.”

Related

ProtonVPN released its own statement to ZDNet, claiming that the fix it has now implemented would eliminate all bugs of this type, but it will continue to investigate the issue to make sure.

Also of import is the fact that this particular exploit required hard access to a victim’s machine in the first place. That meant that even if this bug hadn’t been patched out, an attacker would have to have physical or remote access to the machine through a guest account or malware attack to execute the VPN exploit. As NordVPN pointed out in its blog post, if a hacker already has such access to a system, there are many other options they would have to further the attack. This exploit would merely be one extra attack vector.

With that in mind, this security breach wasn’t as damaging as some may have made out, but regardless, it’s good to see companies like NordVPN and ProtonVPN responding so swiftly to the problem.

If you want to make sure that your system is as protected as it can be, just run the updater within your VPN software to download the latest version if it hasn’t done so automatically.

For a look at some of our favorite VPNs, here’s our guide to the best.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
NordVPN vs. CyberGhost: Which VPN is best for you?
The best VPN for Mac is NordVPN.

If you're looking for the best VPN, you may have come across a lot of different choices, but a few may stick out to you due to how popular they seem to be among analysts and experts. While that may narrow it down some, there seem to be so many VPN deals on the internet that you quickly get overwhelmed with the abundance of options to choose from. The Digital Trends team is here to help you make your choice with our new series of comparative articles that compare and contrast the biggest VPN names on the market. For today's article, we present you with two huge names in the industry: NordVPN and CyberGhost.

Whatever you may use your VPN subscription for, this article will go over the pros and cons of each service and whether it may be right for you. If you want to find the best VPN for streaming with a good Netflix VPN, we'll discuss that in this article. Conversely, if you care more about security and privacy, we'll go extremely in-depth about what makes these VPNs tick. Or, if you're just looking to compare prices between two services and bag yourself a potential VPN free trial, we've got your back. Without further hesitation, let's dive in and analyze NordVPN vs CyberGhost and which may be better for you.

Read more
NordVPN vs. ExpressVPN: Which VPN is best for you?
generic VPN on Mac from pexels by stefan coders.

The best VPN is a tough one to figure out. With so many different options out there, it can feel like a battle to know how to trawl through the VPN deals out there and find the right service for you. However, it really doesn't have to be. That's because we're on hand to help you figure out which is the best between two of the biggest names in the VPN world -- NordVPN and ExpressVPN.

With multiple different reasons to sign up for a VPN, it's worth evaluating the strengths and weaknesses of the most popular services. Whether you're looking for the best VPN for streaming, looking for a Netflix VPN or you're simply keen to check out a VPN free trial, we've got your back.

Read more
How to set up a VPN
best VPN services

A virtual private network, or VPN, keeps others from tracking your movements online and makes your IP address untraceable. In times such as these, it could be beneficial to use a VPN to protect your network and data. If a VPN is in your future, but you are unsure how to set one up, this is the guide for you. We will discuss how to set up and use your VPN on Windows and MacOS PCs.
Step 1: Sign up and install your chosen VPN
Whether you pick a firm favorite like NordVPN or our current top choice, Private Internet Access, you will need to install the VPN client. Most top VPNs offer apps for Windows, MacOS, Linux, and both Android and iOS mobile devices, so download the program from either your respective app store or the official website and install it as usual.

You'll need to sign up for the service to get an official account, but once concluded, take your login information and enter it into the software to access the VPN service.

Read more