Security News Novel attack against virtually all VPN apps neuters their entire purpose

[numike]

Content source

https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/

Novel attack against virtually all VPN apps neuters their entire purpose

 

[I Walk MY Way]

Click bait

 

[Azazel]

@windscribe ,
does windscribe client have any mitigations against such an attack.

 

[ForgottenSeer 109138]

Most of the VPN providers contain firewall rules and kill switches that can stop such traffic leaks from occurring. Leviathan Security has stated that firewall rules within the apps can negate this attack.

The most vulnerable at the time are VPN providers being used on iOS "Apple" products because they prevent a full creation of a VPN Killswitch.

It is a POC and not one that could be implemented easily on a ISP or cell network. It would take some serious effort.

 

[Azure]

@windscribe ,
does windscribe client have any mitigations against such an attack.

Regarding CVE-2024-3661: TunnelVision

Despite the alarmist claims by some tech publications, "virtually all VPN apps" are NOT vulnerable to this exploit. Windscribe implements a strict firewall that blocks all activity outside of the tunnel (virtual adapter) on all platforms. The only exception we found is on iOS and if you use "Allow LAN Traffic" feature. We're investigating if a fix is even possible with that feature enabled (but you could always disable it).

 

[n8chavez]

Except that not all user use the vpn's app. I don't. I put the wireguard config on my glinet router. I'm not saying I'm worried about this, but simply that not everyone uses the app's firewall.