To Avoid a Security Error, Make Sure You Are Using the Latest Version of the LastPass Extension
If you are a LastPass user, you should make sure you are using the latest browser extension.
In today’s blog post, LastPass acknowledged a bug in an extension that could potentially allow malicious websites to trick the browser into providing credentials that you entered on another site. Not exactly what you want.
LastPass says that as soon as it became aware of an issue discovered by a vulnerability researcher at Google, it developed a fix that was deployed to the extension. The problem only affected the extension in Chrome and Opera.
The company notes that “no user action is required and your LastPass browser extension will update automatically,” but it’s always a good idea to make sure the automatic update gets through to you.
To test, click the three dots in the upper right corner of Chrome, then select More Tools and then Extensions. From there, scroll down until you see LastPass, click the Details button, and then click Update to manually update the extension to the latest version.
In a blog post announcing this issue, LastPass also offers some of its own safety tips. In particular, to avoid following links from people you don’t know, never reuse your LastPass Master Password and use unique, different passwords for each online account. You know basic computer security.
The company also suggests that you always enable multi-factor authentication for LastPass as well as your other online accounts. If you don’t already have this setup, now is a good time to review all of your accounts and make sure you have done so.