The best thing to do is to create an enforced configuration file. While KeePass’s developers appear unwilling to fix the issue, there are steps you can take yourself. KeePass cannot magically run securely in an insecure environment.” What can you do? The solution, the developers argue, is “keeping the environment secure (by using an anti-virus software, a firewall, not opening unknown e-mail attachments, etc.). If an attacker has access to your computer, fixing the XML exploit won’t help. The line of reasoning is that worrying about this kind of attack is like shutting the door after the horse has bolted. Attackers could install a keylogger to get the master password, for instance. In other words, once someone has access to your device, this kind of XML exploit is unnecessary.
However, the developers of KeePass have disputed the classification of the process as a vulnerability, since anyone who has write access to a device can get their hands on the password database using different (sometimes simpler) methods. The threat actor can then extract the exported database to a computer or server they control. Thanks to the changes made to the XML file, the process is all done automatically in the background, so users are not alerted that their database has been exported.
0 kommentar(er)
