Found out about this from Virginia Tech tech support Google Group:
http://www.zdnet.com/article/lastpass-hit-by-password-stealing-and-code-execution-vulnerabilities/
From ZDNet: LastPass hit by password stealing and code execution vulnerabilities
+17
+56I'm sure WSA's Identity Shield would protect any malware stealing code execution from any vulnerabilities.
http://live.webrootanywhere.com/content/608/Managing-Identity-Protection
http://live.webrootanywhere.com/content/608/Managing-Identity-Protection
Do I need to add LastPass files (which files) with Application Protection for WSA's Identity Shield to protect any malware stealing code execution from any vulnerability.
Or, maybe LastPass is protected by virtue of LastPass browser integration (extension) since browser is listed with Application Protection.
What's best practice regarding LastPass.
Thanks
+56Are you using the built in Lastass in WSA or Lastpass from Lastpass? If the latter it can't hurt to add it to ID Shield but if your using the built in version in WSA it's already protected.@ wrote:
Do I need to add LastPass files (which files) with Application Protection for WSA's Identity Shield to protect any malware stealing code execution from any vulnerability.
Or, maybe LastPass is protected by virtue of LastPass browser integration (extension) since browser is listed with Application Protection.
What's best practice regarding LastPass.
Thanks
Using LastPass from LastPass.@ wrote:
Are you using the built in Lastass in WSA or Lastpass from Lastpass? If the latter it can't hurt to add it to ID Shield but if your using the built in version in WSA it's already protected.@ wrote:
Do I need to add LastPass files (which files) with Application Protection for WSA's Identity Shield to protect any malware stealing code execution from any vulnerability.
Or, maybe LastPass is protected by virtue of LastPass browser integration (extension) since browser is listed with Application Protection.
What's best practice regarding LastPass.
Thanks
https://blog.lastpass.com/2017/03/important-security-updates-for-our-users.html/
Thanks
+56Well to have a piece of mind add Lastpass .exe's to the ID Shield under protect and it wouldn't hurt to do so. I also add PDF readers, Outlook, Word and even Snagit under Protect under ID Shield. http://live.webrootanywhere.com/content/610/Managing-Protected-Applications@ wrote:
Using LastPass from LastPass.@ wrote:
Are you using the built in Lastass in WSA or Lastpass from Lastpass? If the latter it can't hurt to add it to ID Shield but if your using the built in version in WSA it's already protected.@ wrote:
Do I need to add LastPass files (which files) with Application Protection for WSA's Identity Shield to protect any malware stealing code execution from any vulnerability.
Or, maybe LastPass is protected by virtue of LastPass browser integration (extension) since browser is listed with Application Protection.
What's best practice regarding LastPass.
Thanks
https://blog.lastpass.com/2017/03/important-security-updates-for-our-users.html/
Thanks
We have been in contact with LastPass to understand if this affects our users, and they have communicated that it does not.
From LastPass:
The vulnerability is related to a very recent version of the LastPass browser plugin.
Webroot products are unaffected because that version had limited release and Webroot had not incorporated that release in our version of LastPass.
Here is a blog post update that they directed us to:
https://blog.lastpass.com/2017/03/important-security-updates-for-our-users.html/
From LastPass:
The vulnerability is related to a very recent version of the LastPass browser plugin.
Webroot products are unaffected because that version had limited release and Webroot had not incorporated that release in our version of LastPass.
Here is a blog post update that they directed us to:
https://blog.lastpass.com/2017/03/important-security-updates-for-our-users.html/
+54Thank you for the update JP.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.