Skip to main content
  1. Home
  2. Computing
  3. News

ProtonVPN and NordVPN patched up vulnerabilities before they became known

By
Mark Coppock/Digital Trends

Following the announcement from Cisco Talos that both NordVPN and ProtonVPN’s internet traffic obfuscating services were vulnerable to a newly discovered bug, both companies have come out with statements of their own to calm the fears of their users. It turns out that the respective flaws were patched out weeks ago, back when no one had heard anything about them.

The flaws in question piggybacked a patch applied by both companies to a bug discovered earlier this year. That April fix had its own flaw in it, according to ZDNet, which made it possible for a theoretical attacker to take control of the user’s system by exploiting the design of both NordVPN and ProtonVPN’s clients. Fortunately, those bugs were patched out well before the general public was made aware of them.

Recommended Videos

“The vulnerability described in their report no longer exists on our systems. When it did, it was completely undocumented and quite possibly unknown to anyone in the world,” NordVPN said on its blog. “When they discovered the CVE vulnerability in our and other VPN providers’ systems, Talos Intelligence, like all ethical security research firms, approached us with the news first before publishing it. They waited until we fixed the problem before publishing their findings to ensure that no VPN users were exposed to any additional risk.”

Related

ProtonVPN released its own statement to ZDNet, claiming that the fix it has now implemented would eliminate all bugs of this type, but it will continue to investigate the issue to make sure.

Also of import is the fact that this particular exploit required hard access to a victim’s machine in the first place. That meant that even if this bug hadn’t been patched out, an attacker would have to have physical or remote access to the machine through a guest account or malware attack to execute the VPN exploit. As NordVPN pointed out in its blog post, if a hacker already has such access to a system, there are many other options they would have to further the attack. This exploit would merely be one extra attack vector.

With that in mind, this security breach wasn’t as damaging as some may have made out, but regardless, it’s good to see companies like NordVPN and ProtonVPN responding so swiftly to the problem.

If you want to make sure that your system is as protected as it can be, just run the updater within your VPN software to download the latest version if it hasn’t done so automatically.

For a look at some of our favorite VPNs, here’s our guide to the best.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Is NordVPN free? A detailed look at how much the service costs
The NordVPN logo on a purple background.

If you're thinking about signing up for a new VPN, you're almost certainly wondering how much NordVPN costs. As one of the biggest names in VPNs out there, NordVPN is a hugely tempting proposition whatever the price. However, the NordVPN cost is actually pretty reasonable for what it provides. If you want to know all about the NordVPN price structure and learn a little bit about the best VPN out there, we have all the details on the NordVPN price along with whether there's a free trial out there. Read on while we guide you through it.
Today's best NordVPN deals

How much does NordVPN cost?
There are plenty of different options available to you with the VPN providing an extensive pricing structure that means plenty of flexibility when it comes to spreading out the NordVPN cost.

Read more
Is NordVPN safe? A look at its safety and security measures
The NordVPN logo on a purple background.

If you're a semi-regular user of the internet, you might have seen NordVPN pop up in advertisements or as sponsored content on YouTube and around the internet. NordVPN is, by far, the most popular VPN on the market right now. Being the frontrunner in any industry comes with a lot of scrutiny and competition, and many great VPNs are knocking on the door of NordVPN's dominance.

However, seeing as most casual internet users are exposed to NordVPN the most, we've decided to take an extensive look into the service and analyze what you get out of your subscription. We analyzed all the security features the service offers and what the company does with your privacy and information. If you worry about your online identity and data when browsing the internet, we encourage you to read on so you can grasp the full scope of whether NordVPN is safe.
Why use NordVPN
Companies need to ensure that their service shows up first to an untapped audience in this attention-based economy on the internet. The vast majority of customers base their purchasing decisions on the first few search results shown to them, including advertisements. After a quick search of the very broad term 'VPN' with millions of searches a month, you'll see that NordVPN is consistently the top result. Now, we understand that marketing power and budget don't necessarily indicate a strong product.  It provides a lot of exposure, though, which allows the general community to test the product and give unbiased reviews. And NordVPN frequently tops everyone's best VPN lists. It's also our pick for the best Fire TV Stick VPN and the best Chrome VPN extension.

Read more
How to set up a VPN
best VPN services

A virtual private network, or VPN, keeps others from tracking your movements online and makes your IP address untraceable. In times such as these, it could be beneficial to use a VPN to protect your network and data. If a VPN is in your future, but you are unsure how to set one up, this is the guide for you. We will discuss how to set up and use your VPN on Windows and MacOS PCs.
Step 1: Sign up and install your chosen VPN
Whether you pick a firm favorite like NordVPN or our current top choice, Private Internet Access, you will need to install the VPN client. Most top VPNs offer apps for Windows, MacOS, Linux, and both Android and iOS mobile devices, so download the program from either your respective app store or the official website and install it as usual.

You'll need to sign up for the service to get an official account, but once concluded, take your login information and enter it into the software to access the VPN service.

Read more