Skip to content

February 6, 2018

Grammarly patches bug that could expose everything you write

by John_A

Grammarly, a copyediting extension for Chrome and Firefox that points out typos and grammatical mistakes, had a major bug that allowed any website you visit to log into your account and read everything you ever wrote. It made all your documents, history, logs, tweets and blog posts vulnerable to high-tech snoops. Google’s Project Zero, which unearths and tracks vulnerabilities and reports them to software-makers, revealed the bug on February 2nd. Thankfully, the Grammarly team has quickly patched it up and has already auto-updated the extension used by over 20 million users.

Project Zero researcher Travis Ormandy called the vulnerability a “high-severity bug” since it severely violates users’ expectations of privacy and security. Grammarly told Gizmodo that it managed to issue a patch before it caused problems — Ormandy said the company rolled out a fix within hours of his report — and that there’s no evidence that anybody’s information was compromised. It’s keeping an eye out for any suspicious activity, though… as it should, because the vulnerability had the potential to expose more than just your typos.

Source: Travis Ormandy (Twitter), (2)

Read more from News

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: