Critical vulnerability of 1Password Mac and how to fix it Critical vulnerability of 1Password Mac and how to fix it

1Password is one of the most popular password managers in the world. Apple’s OS X has the Keychain Access app for certificates, keys, account information, and passwords, but not everyone likes it, obviously, thus the third-party products with similar features. 1Password, for example, boasts over 6 million users worldwide, as of this writing, and then, there are other password management programs like KeePass, Kaspersky Password Manager, Bitwarden, etc. (you’ll find links to pages where you can download this software at the end of this post).

The popularity of alternative sensitive data storage software means that vulnerabilities in such programs are of critical importance, and they are reported by the developers, it’s the best scenario (for everyone) realized. AgileBits, the company behind 1Password, understands this perfectly; on August 6, 2024, they published a post to their blog describing a vulnerability and suggesting a remedy for it.

1Password 8 vulnerability

Designated as CVE-2024-42219, it allows attackers to exfiltrate vault items without triggering the app's security protections. This flaw is found in all versions prior to 8.10.36; it was discovered by Robinhood's security team during assessment of the software.

Important: currently, there’s no evidence that this vulnerability has been exploited in the wild, but its public disclosure increases the risk of potential attacks, so the first thing you need to do upon hearing the news is update your 1Password 8 for Mac. AgileBit claims to have patched everything already and released the next version, devoid of the reported flaw. To simplify this process and to keep all your programs updated (and secure!), install Mac Informer automated updater (free, no strings attached, no ads):

Download Mac Informer

Should you wish to switch to a different password manager for Mac…

Even with AgileBits honestly reporting a critical flaw in their software, you may feel inclined to switch to a different program that does the same as 1Password. We’ve got you covered; here are 3 possible replacements:

1. KeePassX, one of the most popular password and account data managers in the world; totally free.

Download KeePassX for Mac

2. Kasperksy Password Manager, a specialized program for keeping sensitive bits of data in a secure environment from one of the leading cybersecurity companies on the planet.

Download Kasperksy Password Manager for Mac

3. Bitwarden, a perfect solution when you need to not only store passwords and other credentials securely, but also share them.

Download Bitwarden for Mac

Author's other posts

Adobe releases Firefly Video Model in public beta
Article
Adobe releases Firefly Video Model in public beta
Adobe releases Firefly Video Model, it's take on the AI-powered video generation system that has a number of advantages over the competition.
AI-based services for all: use Excel like a pro
Article
AI-based services for all: use Excel like a pro
Are there services powered by artificial intelligence that are really helpful for regular users? Here are 5 of them that make using Excel a breeze.
Cybersecurity for the masses: best practices and tools
Article
Cybersecurity for the masses: best practices and tools
Here are some tips and tricks related to cybersecurity, from antivirus software and VPNs to password managers and secure browsing practices.
Is it on? How top AI makers responded DeepSeek’s success
Article
Is it on? How top AI makers responded DeepSeek’s success
DeepSeek shakes up AI, prompting OpenAI, Microsoft, and NVIDIA to react swiftly while Alibaba and ByteDance push forward with new LLMs in a competitive AI landscape.