Grammarly started off as a tool that let people check their grammar in their writing, and also offered users suggestions on what they could change to make it better. It eventually found its way onto browsers and also as a keyboard app, but unfortunately it seems that a recent bug was discovered that could have had disastrous consequences.
In a report from Tavis Ormandy of Google’s Project Zero (via Cyberscoop), it seems that the browser extension version of Grammarly had a huge bug in the form of a security hole that more or less gave hackers access to everything that the extension recorded, which includes the things that you type.
This means that it could have exposed all manner of sensitive documents or emails in the process. However the good news is that after being notified of the security hole, Grammarly was quick to patch it in which Ormandy commended the company for it, calling it a “really impressive response time”.
The fix should apply to both the Chrome and Firefox extensions. As to whether or not the security flaw was exploited is unclear, although Grammarly insists that there is no evidence to suggest that it was, and that they will continue to monitor the situation for any potential unusual activity.
Filed in . Read more about Chrome, Firefox, Grammarly and Security.