The LastPass security bug has been fixed, but users should update now anyway, making sure they are running version 4.33.0. Note that this bug was limited to Google’s Chrome and Microsoft’s Opera browsers, but the fix developed was sent to all browsers. Password managers, while not infallible, are an important part of keeping passwords—and businesses—safe.

LastPass Security Bug Fix Released — Users Should Update Now

In Securityby Shelly KramerLeave a Comment

The LastPass security bug has been fixed, but users should update now anyway, making sure they are running version 4.33.0. Note that this bug was limited to Google’s Chrome and Microsoft’s Opera browsers, but the fix developed was sent to all browsers. Password managers, while not infallible, are an important part of keeping passwords—and businesses—safe.

The News: LastPass security bug fix has been released, and users of the popular password manager should update now. The LastPass security bug was discovered and reported by Project Zero’s Travis Ormandy, part of Google’s elite security and bug-hunting team. The LastPass security bug could possibly have revealed credentials entered by users on sites previously visited. To be safe, users should make sure they have installed and are running the most current version of the LastPass password manager. Read more at ZDNet.

LastPass Security Bug Fix Released

Analyst Take: Security breaches, or vulnerabilities, are discovered on a daily basis. The good news about the LastPass vulnerability is that it was a bug and reported fixed by LastPass on September 12th — and, more importantly, there is no evidence of or reason to fear the bug was discovered and exploited in the wild.

According to the company, the bug discovered by Project Zero could be used to potentially lure visitors to fill a password via LastPass, but then would take them to a compromised site and trick the user into an action that would reveal credentials from the site previously visited.

It’s important to note that this bug was limited to Google’s Chrome and Microsoft’s Opera browsers, but that the fix developed by LastPass was sent to all browsers.

Next Steps for LastPass Users

While the company pushed an update live to all browsers on Friday of last week, it makes sense to be cautious. If you’re a LastPass user, it would be a good idea to not rely on auto updates to your browser extensions, but instead to check that you are running version 4.33.0, which is the update issued on September 12, 2019.

Beyond this bug discover, this is a good reminder for all that security breaches are an omnipresent threat to businesses of all sizes. Using a password manager should be SOP for all businesses today. A password manager, for business or for personal use, combined with multifactor authentication protocols on top of a password manager, is one of the safest routes to keeping your data, business and personal, protected.

The second most important thing you can do as it relates to security breaches: Regular and ongoing employee security awareness training.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.

Photo Credit: ZDNet

Read more analysis from Futurum Research:

DXC Appoints New CEO: Ushering In A New Era? 

Stitch Fix: A Useful Case Study For Retail’s Digital Transformation 

Facebook Libra Cryptocurrency a No-Go in France

 

The original version of this article was first published on Futurum Research.

Shelly Kramer

Shelly Kramer is a 20+ year marketing veteran and CEO of V3 Broadsuite, a marketing consultancy, and the President of Broadsuite Media Group. She’s a business strategist focused on B2B digital transformation, and delivering integrated marketing solutions for clients. She’s an expert at omnichannel marketing, content strategy and execution, connecting social media to business initiatives, and helping clients leverage the web for growth and profitability.