LastPass Security Bug Fix Released — Users Should Update Now
by Shelly Kramer | September 16, 2019

The News: LastPass security bug fix has been released, and users of the popular password manager should update now. The LastPass security bug was discovered and reported by Project Zero’s Travis Ormandy, part of Google’s elite security and bug-hunting team. The LastPass security bug could possibly have revealed credentials entered by users on sites previously visited. To be safe, users should make sure they have installed and are running the most current version of the LastPass password manager. Read more at ZDNet.

LastPass Security Bug Fix Released

Analyst Take: Security breaches, or vulnerabilities, are discovered on a daily basis. The good news about the LastPass vulnerability is that it was a bug and reported fixed by LastPass on September 12th — and, more importantly, there is no evidence of or reason to fear the bug was discovered and exploited in the wild.

According to the company, the bug discovered by Project Zero could be used to potentially lure visitors to fill a password via LastPass, but then would take them to a compromised site and trick the user into an action that would reveal credentials from the site previously visited.

It’s important to note that this bug was limited to Google’s Chrome and Microsoft’s Opera browsers, but that the fix developed by LastPass was sent to all browsers.

Next Steps for LastPass Users

While the company pushed an update live to all browsers on Friday of last week, it makes sense to be cautious. If you’re a LastPass user, it would be a good idea to not rely on auto updates to your browser extensions, but instead to check that you are running version 4.33.0, which is the update issued on September 12, 2019.

Beyond this bug discover, this is a good reminder for all that security breaches are an omnipresent threat to businesses of all sizes. Using a password manager should be SOP for all businesses today. A password manager, for business or for personal use, combined with multifactor authentication protocols on top of a password manager, is one of the safest routes to keeping your data, business and personal, protected.

The second most important thing you can do as it relates to security breaches: Regular and ongoing employee security awareness training.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.

Photo Credit: ZDNet

Read more analysis from Futurum Research:

DXC Appoints New CEO: Ushering In A New Era? 

Stitch Fix: A Useful Case Study For Retail’s Digital Transformation 

Facebook Libra Cryptocurrency a No-Go in France

About the Author

A serial entrepreneur with a technology centric focus, Shelly has worked with some of the world’s largest brands to lead them into the digital space, embrace disruption, understand the reality of the connected customer, and help navigate the process of Digital Transformation. Read Full Bio.