Image Not FoundImage Not Found

  • Home
  • Computing
  • Unveiling the Mystery: ExpressVPN’s Windows Dilemma with Split-Tunneling and DNS Leaks
Unveiling the Mystery: ExpressVPN's Windows Dilemma with Split-Tunneling and DNS Leaks

Unveiling the Mystery: ExpressVPN’s Windows Dilemma with Split-Tunneling and DNS Leaks

ExpressVPN, a leading VPN service provider, recently made headlines for temporarily suspending its split-tunneling feature on its Windows app. The reason? A pesky bug that was misdirecting DNS requests, causing a potential security risk for users. The bug was first brought to light by tech expert Attila Tomaschek from CNET, who noticed the issue on his own Windows computer.

In response to the bug, ExpressVPN wasted no time in addressing the problem. The company released a statement on its blog, reassuring users that although the bug affected less than 1% of users on a single app platform – Version 12 for Windows – they took proactive measures to disable split tunneling on that platform entirely. This quick action was aimed at safeguarding all users until the issue could be thoroughly investigated and resolved by their team of engineers.

For those unfamiliar with split-tunneling, it’s a nifty feature that allows users to selectively choose which apps and programs should be routed through the VPN and which should maintain a connection to their local network. Typically, when utilizing split-tunneling with ExpressVPN, DNS requests for selected apps are securely sent through the VPN’s servers. However, due to the bug, some of these requests were being redirected to a third-party server, potentially compromising user privacy and security.

The bug, which surfaced in May 2022 with version 12.23.1 and persisted through February with version 12.72.0, is believed to have impacted a small fraction of users on the Windows app. ExpressVPN clarified that the bug was most noticeable when using the specific split tunneling mode ‘Only allow selected apps to use the VPN.’ Users who had not activated split tunneling or had chosen the alternative mode ‘Do not allow selected apps to use the VPN’ were not affected by the bug. The company also assured users that other essential VPN protections, such as encryption, remained intact.

As a precautionary measure, ExpressVPN has disabled the split-tunneling feature on its Windows app and will keep it deactivated until an official fix is released. In the meantime, users who rely on split-tunneling can still access the feature using Version 10 of the ExpressVPN Windows app, which is confirmed to be functioning correctly. ExpressVPN’s prompt response to the bug highlights their commitment to user safety and privacy, ensuring that their service maintains the high standards expected from a reputable VPN provider.