Technology News

latest updates from easySERVICE™

IE add-on vulnerability


LastPass Monday issued an update for its password management software including a fix for a vulnerability that exposed passwords stored in Internet Explorer, the company said on its blog.

The vulnerability, which requires a number of steps and conditions to exploit, was in the LastPass add-on for IE. The vulnerability did not affect any LastPass add-ons for other browsers.

The company is recommending that users upgrade to its new version.

The update fixes an issue that affected users logged into the LastPass IE extension version 2.0.20. The site passwords used in IE by those users “were potentially accessible in a memory dump,” according to the company’s blog.

The company said exposure to the vulnerability was minimal and that as “soon as the browser session was ended, the data was cleared from memory.  Privacy and security of our users’ data is paramount. Malware is essentially the only way this could be exploited and we continue to encourage you to utilize anti-malware to protect your data.”

LastPass also included sync, password configurations, and history updates, and support for IE 11 in the latest version.

Share your thoughts in the comments below and don’t forget to like this post.

Source: Associated Press


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


This entry was posted on August 19, 2013 by in Internet, Security and tagged , , , , , , , .
%d bloggers like this: