Tuesday, March 12, 2019
Home / Public / Lastpass Bug Leaks Plain text information

Lastpass Bug Leaks Plain text information

Users of the password manager LastPass have been warned to update to the most recent version of the software package, which contains a patch for a newly identified bug that could allow attackers to retrieve stored LastPass passwords.

The bug only affects only users of Internet Explorer with LastPass v2.0.20, and allows the passwords that LastPass automatically fills into the fields in IE also stored in plaintext into the computer memory, which in the end allows them to be extracted via a memory dump.

Another prevention of such circumstance is quitting IE deletes all the passwords from the memory.

None the less, LastPass advises all users to update to the latest version, as it also patches other issues and contains many new features.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …