However, while LastPass supports more sites, it falls short of the Dashlane offering by forcing you to change one password at a time, rather than doing all supported sites en-mass, and not yet supporting sites that employ two-factor authentication. Two of the recommendations are generic in nature, and should be followed anyway, but one is specifically geared to protecting your account from the vulnerability …Īfter password manager Dashlane grabbed the limelight yesterday with an automated password changer for 50 top US websites, LastPass has hit back with its own version of the same feature. Password-manager LastPass is recommending that users follow precautionary steps while it works on fixing a vulnerability discovered over the weekend. LastPass has now provided details of the issue in a blog post, but warns that the obscure nature of the vulnerability means that the explanation is highly technical. Please ensure you are running the latest version (4.1.44 or higher), which can always be downloaded at. Most users will be updated automatically. On Saturday, March 25th, security researcher Tavis Ormandy from Google’s Project Zero reported a security finding related to the LastPass browser extensions. In the last 24 hours, we’ve released an update which we believe fixes the reported vulnerability in all browsers and have verified this with Tavis himself. The company said that this has now been done, and most users will be automatically updated to version 4.1.44. Google security researcher Tavis Ormandy reported a client-side vulnerability in the LastPass desktop browser extensions, but neither he nor LastPass released any details pending a fix. LastPass says that the browser extension vulnerability has now been patched, and that there is no evidence that it was ever exploited.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |