A noted Google developer has discovered a troubling flaw in a popular password manager that Windows 10 installs by default. Hackers could get their hands on user passwords via clickjacking and/or malicious code-injection techniques.
Google Project Zero researcher Tavis Ormandy made the discovery while playing around with a Windows 10 virtual machine.