Vulnerability in KeePass password manager to be fixed in June (PC News)

Users may need to reinstall their computer's operating system and overwrite existing data.

The source describes it more accurately:

Even after the new version is released, the master password may still be stored in memory files. The researcher warns that, to be 100% sure it no longer resides on the system, you will need to delete your system's swap and hibernation files, format your hard drive in a data-overwrite mode to prevent recovery, and perform a fresh installation of the operating system.

For most people, though, restarting the computer, clearing the swap and hibernation files, and not using KeePass until the new version is released are reasonable safety measures in the meantime.

Even then, installing a new OS is overkill, because you can also use a free space wiper. These also often have standardized methods for overwriting, which makes them more secure.

Also, an average keylogger can accomplish the same thing.
So if you’re not going to use KeePass because of this exploit, you’re doing so out of fear that local malware will intercept your main pass through this exploit. But even without this exploit, a keylogger can accomplish the same thing. In other words: there isn’t really a significantly increased risk compared to a normal risk. However, it is of course a good idea to fix this.

Also, if KeePass contains important passwords, you shouldn't just rely on a master pass for authentication, but you should use MFA, e.g. with a Yubikey.
However, it could become more dangerous if there are also vulnerabilities that allow hardware tokens to be bypassed, which may also be possible, depending on whether there are more related vulnerabilities.

[Comment edited by Cyb on 21 May 2023 14:08]
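As an added example (not from the article, the quoted source or the commenter), the following PowerShell session carries out the interim advice above on Windows: it checks for the hibernation file and pagefile that can hold a copy of RAM, disables hibernation (which removes hiberfil.sys) and sets the standard `ClearPageFileAtShutdown` registry value so the pagefile is zeroed at shutdown. It assumes an elevated prompt and the default system drive.

```powershell
# Added example, not the article's or KeePass's own code.
# Run from an elevated PowerShell prompt; assumes the default %SystemDrive%.

# 1. Hibernation file: hiberfil.sys is a full image of memory written at hibernate/fast startup.
$hiber = Get-Item "$env:SystemDrive\hiberfil.sys" -Force -ErrorAction SilentlyContinue
if ($hiber) {
    "hiberfil.sys present: {0:N0} MB" -f ($hiber.Length / 1MB)
    # Turning hibernation off deletes hiberfil.sys (fast startup is disabled as well).
    powercfg.exe /hibernate off
} else {
    "No hibernation file found."
}

# 2. Pagefile(s): show which files are in use and how large they are.
Get-CimInstance Win32_PageFileUsage | Select-Object Name, AllocatedBaseSize, CurrentUsage

# 3. Ask the memory manager to overwrite the pagefile with zeros on every shutdown.
$mm = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$current = (Get-ItemProperty -Path $mm -Name ClearPageFileAtShutdown -ErrorAction SilentlyContinue).ClearPageFileAtShutdown
"ClearPageFileAtShutdown currently: $current"
if ($current -ne 1) {
    # 1 = clear pagefile at shutdown; this makes shutdown noticeably slower on large pagefiles.
    Set-ItemProperty -Path $mm -Name ClearPageFileAtShutdown -Value 1 -Type DWord
    "ClearPageFileAtShutdown set to 1; takes effect from the next restart."
}
```

The setting is read at boot, so the first shutdown after the next restart is the first one that actually zeroes the pagefile; the hibernation change takes effect immediately.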
