![]() ![]() If you have any other cyber security or technology related questions, feel free to contact SandStorm IT at 90. If you have the Grammarly browser extension installed, the updated version has been pushed out to all of the extensions, so no further action is required. Google Chrome typically does this in the background. Grammarly acted quickly to issue an update for the extension to fix the security hole, so please make sure you are running the latest version. ![]() If it would have been discovered by criminals first, the outcome could have been much worse. This suggests that it’s likely that the vulnerability was found by Project Zero first, which means the developers at Grammarly had a chance to address the issue before anyone had the opportunity to take advantage of the vulnerability. While this is a very serious security flaw, Grammarly claims that there is no evidence that websites exploited this browser extension’s vulnerability to steal user’s data. Users would not expect that visiting a website gives it permission to access documents from other websites.” How serious is this? I’m calling this a high severity bug, because it seems like a pretty severe violation of user expectations. First, sign-in to Grammarly using your Facebook or Google Account. To get Grammarly on Google Docs, you need to install the Chrome add-on. You can test the free version of Grammarly on your Google Docs before going for the premium version. “The Grammarly chrome extension (approx ~22M users) exposes it’s auth tokens to all websites, therefore any website can login to as you and access all your documents and other data. Grammarly has a free Chrome Plugin that helps you to use it on Google Docs. It only affected Chrome version 14.826.1446.Īccording to the report, around 22 million users are affected: Update: This has been fixed by Grammarly as February 2018.
0 Comments
Leave a Reply. |