Skip to main content
  1. Home
  2. Web
  3. News

You should update the LastPass password manager browser extension immediately

By

The developers behind popular password manager LastPass have patched a loophole that exposed your last used password. Originally discovered in August by Tavis Ormandy, a researcher from Google’s Project Zero, the security flaw allowed malicious websites to trick the browser extension into giving away credentials you entered on a previous site.

LastPass says it rolled out an update for the browser add-on on September 13th, two weeks after the vulnerability was first reported by Ormandy.

Recommended Videos

In order to exploit the bug — which possibly only existed on Google Chrome and Opera — attackers simply had to create a fraudulent link masquerading as a URL from websites someone would trust, such as Google Translate. Once the person clicked the link, the hack required no user interaction and immediately executed an automated script which extracted your last used password.

Related

“We quickly worked to develop a fix and verified the solution was comprehensive with Tavis. We have now resolved this bug; no user action is required and your LastPass browser extension will update automatically,” the company added in a blog post.

While the circumstances for the bug’s misuse are limited, these activities are common on the internet and even if they affected a fraction of LastPass’ user base, it would have cost thousands of users their sensitive data.

The fix should be applied to your browser automatically. However, it’s best to double-check by manually updating the LastPass extension.

How to manually update the LastPass password manager

To manually updated LastPass, click the three-dots at the top right corner of Google Chrome and go to More Tools > Extensions. Scroll down until you find LastPass. Click the Details button on LastPass’ card and then hit the Update button at the top.

On Opera, you can’t force updates and your only option is to reinstall the extension.

Even though you’d expect password managers to be built on the most secured frameworks, security vulnerabilities such as this one can happen. A similar security vulnerability on LastPass’ browser extension previously enabled malicious attackers to steal users’ passwords. Therefore as an added security measure, we recommend switching on two-factor authentication for your accounts.

Editors’ Recommendations

Topics
Shubham Agarwal
Shubham Agarwal
Former Digital Trends Contributor
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content --- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more
Microsoft Word vs. Google Docs
A person using a laptop that displays various Microsoft Office apps.

For the last few decades, Microsoft Word has been the de facto standard for word processors across the working world. That's finally starting to shift, and it looks like one of Google's productivity apps is the heir apparent. The company's Google Docs solution (or to be specific, the integrated word processor) is cross-platform and interoperable, automatically syncs, is easily shareable, and perhaps best of all, is free.

However, using Google Docs proves it still has a long way to go before it can match all of Word's features -- Microsoft has been developing its word processor for over 30 years, after all, and millions still use Microsoft Word. Will Google Docs' low barrier to entry and cross-platform functionality win out? Let's break down each word processor in terms of features and capabilities to help you determine which is best for your needs.
How does each word processing program compare?
To put it lightly, Microsoft Word has an incredible advantage over Google Docs in terms of raw technical capability. From relatively humble beginnings in the 1980s, Microsoft has added new tools and options in each successive version. Most of the essential editing tools are available in Google Docs, but users who are used to Word will find it limited.

Read more