Open-source password-management tool KeePass 2.34 has been released for Windows. The new release’s headline feature is a digitally signed version information file, which is used to check for updates. The feature was unveiled after a potential vulnerability was discovered whereby hackers could dupe KeePass users into downloading malware through the online update check. After the publication of articles revealing the man-in-the-middle vulnerability, KeePass announced its plans to implement digital signing in the version update file to ensure future version checks could not be hijacked. This has now been implemented in version 2.34, with the program now downloading the file over… [Continue Reading]