Password manager LastPass creates a workaround for a serious vulnerability affecting browser extensions in Chrome, Firefox, and Microsoft Edge.
Password manager LastPass has fixed a serious vulnerability in its browser extensions for Google Chrome, Mozilla Firefox, and Microsoft Edge. The flaw was discovered by Google's Tavis Ormandy, reports Network World. It could have been exploited to access extensions' internal commands and steal passwords or personal information.
LastPass has put a workaround in place to provide protection from malicious codes and plans to fully fix the flaw in updated versions.
Ormandy later reported another vulnerability in the Firefox extension, which LastPass said was linked to the first. The problem was immediately fixed in a new version of the extension 4.1.36a released the next day.
"No password changes are required of users at this time," say LastPass developers.
Read details on Network World.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024