However, this bug caused some DNS queries to be sent to the DNS server configured on the computer, usually a server at the user’s ISP, allowing the server to track a user’s browsing habits.

  • LWD@lemm.ee
    link
    fedilink
    arrow-up
    35
    ·
    9 months ago

    AdTech company buys out ExpressVPN for nearly a billion dollars in 2021, product proceeds to start leaking data in 2022. I’m not saying that bit malicious, but talk about being sloppy with your purchase.

  • thebuoyancyofcitrus@beehaw.org
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    9 months ago

    The bug was introduced in ExpressVPN Windows versions 12.23.1 – 12.72.0, published between May 19, 2022, and Feb. 7, 2024, and only affected those using the split tunneling feature.