(MENAFN- NewsBytes) If you use LastPass password manager, better check if the latest version -4.33.0- of the program is running on your machine's browser.
The action is sought as an older version of the tool carries a bug capable of compromising your confidential passwords.
The issue was discovered last month and fixed just recently.
Here's all you need to know about it.
Issue
How LastPass could have leaked your passwords?
LastPass dominates as the finest password manager, but a few weeks back, security researcher Tavis Ormandy discovered a major security issue in the service.
He found that the program's Chrome and Opera extensions had a bug that could have been exploited by a malicious site - like one masked with Google Translate - to give away the password used on a previously visited website.
Working
Users had to click several times to fall for trap
Detailing the bug, LastPass's Security Engineering Manager, Ferenc Kun, claimed that the issue would have worked only when someone was tricked into visiting a malicious site and clicking on it 'several times'.
But, the good part is, the bug was fixed before being publicly disclosed, and that there is no evidence indicating that the issue was exploited by any malicious actor in the wild.
Love Tech news?
Stay updated with the latest happenings.
Yes, notify me
Fix
Fix likely to be applied automatically
LastPass says that it had released a fix for the issue on September 13, which should apply automatically on all browsers, including the affected ones - Chrome and Opera.
However, if you are someone who has disabled automatic extension updates on your browser, better head over into the settings of the program and update LastPass to version 4.33.0.
Important
Still, you shouldn't ditch LastPass
All major programs, including the highly popular password managers, are susceptible to occasional bugs.
The issue was fixed quickly after being discovered, and there is no risk to all the passwords you have stored in your LastPass vault.
If anything, we would recommend turning two-factor authentication on so that all essential accounts never get breached, even if your password does.
Share this timeline
MENAFN1709201901650000ID1099015200
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.