LastPass close leak in IE client that gave access to passwords




LastPass Password Manager has past weekend a new version of its software released. Version 2.5.0 include close a leak that could theoretically lead to the passwords of Internet Explorer users access.

The leak in the online password manager, which incidentally only affects IE users LastPass version 2.0.20, found in plaintext to release when a memory dump was created passwords. According LastPass was the leak in the software easy to abuse.

Aside from the fact that someone had to use IE, the user must also be logged with LastPass. Moreover, only the passwords are obsolete which were actually used anywhere to login. Conscious during the browser session The attacker would still need to succeed, which usually succeed only if physical access to a PC or an attacker has already found to install. Malware on the computer memory dump ways to lock in

Although a memory dump so can not be created by attackers, it is just been a proven method in recent years, which include applied by banking malware to steal credit card information. Infected systems Legislation often requires that financial services credit card and other financial information encryption when it is stored on the hard drive allowing attackers trying through memory.

LastPass has for IE users with a Windows machine version 2.5.0 ready put . For other browsers and operating systems are also versions 2.5.1, 2.5.2 and 2.5.3 become available. Besides the above leak, the new version include rolled in improved way in which the software handles ‘s and the ability to synchronize with other devices directly now phased changes for all users.


Tags: ,

In: Technology & Gadgets Asked By: [15536 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »