A flaw in 1Password 8 for macOS may leave vault items exposed to hackers or malware.

This issue, identified asCVE-2024-42219, is due to an incomplete XPC inter-process communication implementation.

In plain English, the thing that’s supposed to prevent untrusted apps from talking to 1Password is broken.

Editing a screenshot in Shottr’s editor on a Mac.

That said, 1Password 7 is discontinued and no longer receives regular security updates.

We do not recommend using 1Password 7.

The 1Password desktop app is very good at updating itself.

Be Quiet CPU cooler with RGB RAM and PC fan inside a gaming computer.

If you’re running version 8.10.36 or 8.10.38, you’re all good.

Auto-updates may fail if 1Password isn’t regularly used or if the app’s background processes are disabled.

Or, click “Restart Now” if the app has already detected a new update.

A screenshot of the 1Password ‘About’ page with the current version number highlighted.

Andrew Heinzman / How-To Geek