Skip to main content

ProtonVPN and NordVPN patched up vulnerabilities before they became known

Mark Coppock/Digital Trends

Following the announcement from Cisco Talos that both NordVPN and ProtonVPN’s internet traffic obfuscating services were vulnerable to a newly discovered bug, both companies have come out with statements of their own to calm the fears of their users. It turns out that the respective flaws were patched out weeks ago, back when no one had heard anything about them.

The flaws in question piggybacked a patch applied by both companies to a bug discovered earlier this year. That April fix had its own flaw in it, according to ZDNet, which made it possible for a theoretical attacker to take control of the user’s system by exploiting the design of both NordVPN and ProtonVPN’s clients. Fortunately, those bugs were patched out well before the general public was made aware of them.

Recommended Videos

“The vulnerability described in their report no longer exists on our systems. When it did, it was completely undocumented and quite possibly unknown to anyone in the world,” NordVPN said on its blog. “When they discovered the CVE vulnerability in our and other VPN providers’ systems, Talos Intelligence, like all ethical security research firms, approached us with the news first before publishing it. They waited until we fixed the problem before publishing their findings to ensure that no VPN users were exposed to any additional risk.”

Please enable Javascript to view this content

ProtonVPN released its own statement to ZDNet, claiming that the fix it has now implemented would eliminate all bugs of this type, but it will continue to investigate the issue to make sure.

Also of import is the fact that this particular exploit required hard access to a victim’s machine in the first place. That meant that even if this bug hadn’t been patched out, an attacker would have to have physical or remote access to the machine through a guest account or malware attack to execute the VPN exploit. As NordVPN pointed out in its blog post, if a hacker already has such access to a system, there are many other options they would have to further the attack. This exploit would merely be one extra attack vector.

With that in mind, this security breach wasn’t as damaging as some may have made out, but regardless, it’s good to see companies like NordVPN and ProtonVPN responding so swiftly to the problem.

If you want to make sure that your system is as protected as it can be, just run the updater within your VPN software to download the latest version if it hasn’t done so automatically.

For a look at some of our favorite VPNs, here’s our guide to the best.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
How many devices can you use NordVPN on?
The NordVPN logo appears on a MacBook.

When picking out the best VPN for your needs, the number of devices you're able to use with it is generally very important. These days, we all have at least a computer and smartphone. Often, however, there are far more devices at one's disposal. These can include tablets, games consoles, smart TVs, and even smart home devices like light bulbs. Considering NordVPN? We've got you covered with everything you need to know about how many devices you can use with it.

How many devices can you use NordVPN on?
NordVPN allows you to use up to six devices at once while connected to one NordVPN account. That should be more than enough for the majority of users. You can hook up your computer, smartphone, tablet, and much more through the service.

Read more
NordVPN vs. CyberGhost: Which VPN is best for you?
The NordVPN logo appears on a MacBook.

If you're looking for the best VPN, you may have come across a lot of different choices, but a few may stick out to you due to how popular they seem to be among analysts and experts. While that may narrow it down some, there seem to be so many VPN deals on the internet that you quickly get overwhelmed with the abundance of options to choose from. The Digital Trends team is here to help you make your choice with our new series of comparative articles that compare and contrast the biggest VPN names on the market. For today's article, we present you with two huge names in the industry: NordVPN and CyberGhost.

Whatever you may use your VPN subscription for, this article will go over the pros and cons of each service and whether it may be right for you. If you want to find the best VPN for streaming with a good Netflix VPN, we'll discuss that in this article. Conversely, if you care more about security and privacy, we'll go extremely in-depth about what makes these VPNs tick. Or, if you're just looking to compare prices between two services and bag yourself a potential VPN free trial, we've got your back. Without further hesitation, let's dive in and analyze NordVPN vs CyberGhost and which may be better for you.

Read more
NordVPN vs. ExpressVPN: Which VPN is best for you?
generic VPN on Mac from pexels by stefan coders.

The best VPN is a tough one to figure out. With so many different options out there, it can feel like a battle to know how to trawl through the VPN deals out there and find the right service for you. However, it really doesn't have to be. That's because we're on hand to help you figure out which is the best between two of the biggest names in the VPN world -- NordVPN and ExpressVPN.

With multiple different reasons to sign up for a VPN, it's worth evaluating the strengths and weaknesses of the most popular services. Whether you're looking for the best VPN for streaming, looking for a Netflix VPN or you're simply keen to check out a VPN free trial, we've got your back.

Read more