- Aug 30, 2012
- 6,598
Following the security vulnerability discovered on 22. March,
LastPass Chrome & Firefox Extensions Affected by Critical Bug (Patched)
To expand on the issue, LastPass also put up a post today, in which they made it clear that a fix is being worked on. The client side vulnerability discovered over the weekend allows for an attack that is "unique and highly sophisticated". As such, the firm declined to disclose anything specific about either the vulnerability or the patch, until everything is said and done. The reasoning given is that doing so could "reveal anything to less sophisticated but nefarious parties", which is of course not the intention.
As a precaution, until everything is sorted, LastPass recommends you launch sites directly from the vault (to protect your sign-in credentials), use two-factor authentication on every service that offers it, and to stay vigilant to avoid phishing attempts.
Source: LastPass Blog
LastPass Chrome & Firefox Extensions Affected by Critical Bug (Patched)
To expand on the issue, LastPass also put up a post today, in which they made it clear that a fix is being worked on. The client side vulnerability discovered over the weekend allows for an attack that is "unique and highly sophisticated". As such, the firm declined to disclose anything specific about either the vulnerability or the patch, until everything is said and done. The reasoning given is that doing so could "reveal anything to less sophisticated but nefarious parties", which is of course not the intention.
As a precaution, until everything is sorted, LastPass recommends you launch sites directly from the vault (to protect your sign-in credentials), use two-factor authentication on every service that offers it, and to stay vigilant to avoid phishing attempts.
Source: LastPass Blog
