Security bugs in the password manager that could have led to passwords being stolen were fixed in less than day, according to the researcher who found them.
Well, that was fast.
Tavis Ormandy, a vulnerability researcher at Google, announced Tuesday that a vulnerability he’d found a day earlier in the Chrome and Firefox plug-ins for the LastPass password manager had been resolved. The vulnerability could have led to passwords being stolen, he said.
LastPass , which allows you to use one master password and keeps your individual passwords in what it calls its “encrypted vault,” responded to Ormandy’s notice with a workaround. The company tweeted that it was working on a permanent fix.
Ormandy, who has uncovered problems with the software in the past , made details of the bug public after it was initially fixed.
