LastPass has removed the vulnerability from the password manager. Chrome and Opera users can breathe a sigh

Share this:

In the popular password manager LastPass, a major security flaw has recently been patched. An error was found in the browser extension that allowed the crafted page to access the credentials used.

Short information on this topic has recently appeared on the LastPass blog. The developers explain that the bug has been resolved by the update and the users are now secure. They also suggest that in practice the use of error was unlikely because several conditions had to be met.

First of all, the LastPass user would have to use the form completion after clicking on the extension icon, and secondly – to hit the infected site and be successfully persuaded to at least a few clicks there. The developers add that the vulnerability affected only Chrome and Opera extensions, but all program variants have been prevented.

  The best applications for reading news from the country and the world

A vulnerability in LastPass was discovered and reported by Tavis Ormanda, one of the researchers at Google Project Zero. It is an organization focused on searching for security gaps and errors, among others in popular software. We recently reported about its activities in the context of iOS updates.

Share this: