IPC Vulnerability – Keeper is NOT Affected

A report has been issued by security researchers at USENIX discussing a vulnerability found in several password managers on the market including Dashlane and 1Password that utilize IPC (Inter Process Communication) to exchange data between browser extension and desktop application. The presentation can be found on the USENIX site and the full PDF report can be read here.

 

Keeper is not listed in this report because Keeper is not vulnerable to this exploit.  Keeper does not utilize IPC to communicate between the browser extension and desktop application, by design.

 

I have personally communicated with the authors of this study to receive confirmation that we are not affected, and the researchers noted that Keeper does not use IPC.

 

Keeper’s engineering team specializes in application and cloud security – we make decisions everyday to prioritize security as the core foundation for our products. It’s our standard mode of operation and this commitment to our customers – to protect them, their privacy and their confidential information.

 

If you have any questions about this report, please email security@keepersecurity.com.

 

Thank you,

 

Craig Lurey

CTO & Co-founder

Keeper Security Inc.