Latest in Gear

Image credit:

LastPass patched a bug that could have exposed your passwords

You’ll want to make sure you’re running the latest version.
Christine Fisher, @cfisherwrites
September 16, 2019
Share
Tweet
Share

Sponsored Links

Towfiqu Photography via Getty Images

If you use LastPass to manage your passwords, now would be a good time to make sure you're running the latest version, 4.33.0. As Gizmodo reports, LastPass recently patched a bug that could have been used to compromise users' security credentials. The patch should have arrived automatically, but as a precaution, it's worth making sure you're running the September 12th update.

Security researcher Tavis Ormandy, of Google's Project Zero, notified LastPass of the bug. The flaw could have allowed hackers on malicious sites to access users' credentials entered on the previous site. Fortunately, there's no reason to believe the bug was exploited, and while it only impacted Chrome and Opera browsers, LastPass patched all browser extensions.

This isn't the first time LastPass has fixed a security flaw. A couple years ago, it found a vulnerability in its fingerprint verification. Before that, LastPass fixed security problems on Chrome and Firefox.

This doesn't mean that password managers are unreliable, just that they're not foolproof. Password managers are still a good idea, but they aren't a perfect security measure on their own. They should be used in conjunction with multi-factor authentication, and you need to keep them updated.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

‘Babylon 5 Remastered’ now available to buy or stream on HBO Max

‘Babylon 5 Remastered’ now available to buy or stream on HBO Max

View
Google reveals North Korean-backed campaign targeting security researchers

Google reveals North Korean-backed campaign targeting security researchers

View
Apple shuffles hardware execs to make room for a mysterious new project | Engadget

Apple shuffles hardware execs to make room for a mysterious new project | Engadget

View
Samsung's Galaxy Watch 3 ECG tracking comes to 31 more countries

Samsung's Galaxy Watch 3 ECG tracking comes to 31 more countries

View
A personal trainer app guilt-tripped me into exercising (and it worked)

A personal trainer app guilt-tripped me into exercising (and it worked)

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr