InfoSecBulletin Cybersecurity for mankind
Google fixed a bug in Chrome’s Password Manager that caused user credentials to vanish temporarily. A problem with Google Chrome’s Password Manager caused an 18-hour outage on Wednesday. This affected users who use the tool to save and automatically fill in their passwords.
Many users said they couldn’t find their passwords in Google Password Manager, only their usernames. The company clarified that user data was not lost. About 2% of Windows users who updated to Chrome version 127 were affected by the problem. The issue only affected users who updated to Chrome version 127.0.6533.73. “A significant number of users were unable to find or save passwords in the password manager for Chrome browser, for a period of 17 hours, 51 minutes.
Cisco released security updates for two critical security flaws
OpenBAS: Cutting-edge breach and attack simulation platform
Critical Security Flaws Patched in Zyxel Networking Devices
CVE-2024-38811: CEV In VMware Fusion Unveiled
CERT-IN Warns Vulnerabilities in Palo Alto Networks applications
How Malaysia’s Data Centre Industry Poised for Growth
RansomHub exfiltrated data over 210 victims: US alert
Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw
New Cicada ransomware targets VMware ESXi servers
Monday hits two UK bank apps causes outages
From the preliminary analysis the root cause of the issue is a change in product behavior without proper feature guard. Google engineers mitigated the issue by deploying a fix. Google will complete a full IR in the following days that will provide a full root cause.” read the statement published by the Google on the Workspace Status Dashboard. “Impacted users were unable to find passwords in Chrome’s password manager. Users can save passwords, however it was not visible to them. The impact was limited to the M127 version of Chrome Browser on the Windows platform.”
Google published a preliminary root cause analysis report, linking the worldwide outage to a “change in product behavior” and confirming a fix was pushed on Thursday.
Google published a report on what caused the worldwide outage, linking it to a “change in product behavior” and confirming that a fix was applied on Thursday. “Impacted users were unable to find passwords in Chrome’s password manager. Users can save passwords, however it was not visible to them. The impact was limited to the M127 version of Chrome Browser on the Windows platform,” the company says.
Google also suggests that users should restart their web browser to make sure the bug no longer affects their password manager.
If the fix doesn’t reach your system even after restarting the Chrome browser, Google suggests launching it with the ” –enable-features=SkipUndecryptablePasswords” command line flag using these steps:
Locate the Chrome shortcut on the desktop.If you don’t have it, go to chrome://settings/manageProfile and enable “Create desktop shortcut” at the bottom.
Fully exit Chrome Go to the desktop and right-click the shortcut, then click Properties.
To the target field, paste the following string to the end ” –enable-features=SkipUndecryptablePasswords”. Close the dialog with OK and launch Chrome using this shortcut.
