Security Flaws Discovered in Two Popular VPNs

How secure is your VPN? Can you be absolutely assured whether or not your private data and browsing history remains intact with third parties? And to what extent should you believe your providers’ warranties of flawless protection over your online privacy?

Not so long ago, a Cisco Talos security researcher discovered vulnerabilities in two of the most popular and trustworthy Virtual Private Network providers currently.

Both ProtonVPN and NordVPN experienced the similar issue with their VPN clients, leaving them severely vulnerable. Needless to say, this raised concerns in the VPN community. It’s not unusual for such things to happen. However, ProtonVPN and NordVPN stand as some of the best and most secure Virtual Private Network providers, therefore such mistakes widely affect millions of users all around the world. The unfortunate thing is that these users were not even aware of the problem and all of the potential dangers they were facing at the time.

So, what was all that fuss about?

The issue discovered in both of these Virtual Private Networks was a privilege escalation bug in a patch that was designed to block arbitrary code execution. While ProtonVPN was infected with CVE-2018-4010, NordVPN was impacted by CVE-2018-3952 vulnerability. They both have similar effect. That means the bug would enable an attacker with an easily accessible way to manually run with administrator privileges.

Both ProtonVPN and NordVPN use the OpenVPN protocol to provide maximum protection for their users, by creating an encrypted tunnel between them and the VPN servers. However, as the program needs to be run with administrator rights, this automatically gives the identified bug to have large privileges, including the ability to alter malicious codes.

In other words, the OpenVPN configuration file was infected by the bug, which allowed this security protocol to be altered to contain malicious code, one which can later be executed by attackers on Windows devices. And while the two security bugs, with a high severity rate, were discovered in July, NordVPN delivered a patch for the issue on the 8th of August. On the other hand, Proton fixed the bug at the start of September.

NordVPN immediately addressed the issue, saying that the bug has been fixed long before this information was publicly disclosed and started circulating on the internet. That implies that as long as you have your VPN version updated, you shouldn’t be worried about your safety. The same goes for ProtonVPN.

This is not the first time that this has happened. Both providers earlier addressed another vulnerability, affecting configuration files. Despite fixing the issue, this raises a question –
How safe are you really, even with an installed Virtual Private Network?

To answer your question, you cannot be 100% protected at all times, nor you should believe providers that tell you otherwise. The job of a Virtual Private Network is to keep you safe, protected, and anonymous over the internet. However, these things happen on a regular basis. Nevertheless, a reliable VPN provider won’t allow it for things to get out of control. Instead, the company will try to fix the bug as soon as possible and release a new improved update. It’s on you whether you take things into your own hands afterward, or not. Sometimes the solution is beyond simple.

The Importance of Updating Your VPN

As previously mentioned, by simply updating your VPN, you will get rid of the privilege escalation bug found in the VPN clients. However, not knowing that there might be a problem with the current software version, people rarely tend to update it. This is not only a VPN problem but a software one, in general.

Realizing just how important this can be, you can prevent many bad things from happening to your device and your personal data.

One of the most important reasons why you should do it is precisely to deal with these bugs. Bugs can vary from low-risk to highly malicious threats on your device. As soon as they start to appear, the company behind the software creates new updates of it, where these bugs are ‘squashed” and you get a more efficient version of your app.  Besides, updates are most commonly released to keep you safe from security holes. Therefore, no matter how annoying the pop-up message for updating your software can be, always make sure to do it.

Stop clicking on the “remind me later” button, and instead take 5 minutes of your time to actually do the update. It’s one of the most efficient ways of protecting yourself from such a simple problem, which can turn out to be extremely malicious.