A Google security researcher has discovered that the included third-party password manager in Windows 10, Keeper, comes with a security vulnerability that injects privileged UI into web apages that exposes a user's passwords.
https://www.notebookcheck.net/Windows-10-s-included-password-manager-can-pose-a-security-risk.272674.0.html