You won't believe what Microsoft Edge does with your passwords the moment you launch the browser - it's a security risk you need to know about
Microsoft Edge decrypts every stored password into process memory the moment the browser launches and keeps them there as cleartext, regardless of whether the user ever visits those sites.
Microsoft Edge decrypts every stored password into process memory the moment the browser launches, keeping them as cleartext regardless of whether the user visits those sites. This was discovered by a security researcher who found that the browser stores all saved passwords in cleartext process memory at launch. The researcher's findings indicate that this occurs even if the user never visits the sites associated with the stored passwords. Microsoft Edge's password management system is designed to provide convenience, but this feature may compromise security.
This security risk directly affects users who rely on Microsoft Edge for online transactions, as their passwords are stored in cleartext and can be accessed by malicious actors. Users who store sensitive information, such as financial or personal data, may be particularly vulnerable to exploitation. The cost of a potential security breach could be substantial, with some estimates suggesting that the average cost of a data breach is over $3 million. This financial risk is a tangible impact on users who trust Microsoft Edge with their sensitive information.
This issue is part of a larger pattern of password management vulnerabilities in popular browsers. Historically, browsers have struggled to balance convenience and security, often prioritizing ease of use over robust security measures. Insiders know that the use of cleartext storage for passwords is a common practice, but one that is increasingly being recognized as a security risk. The discovery of this vulnerability in Microsoft Edge highlights the need for more secure password management practices in the industry.
Microsoft is expected to release a patch or update to address this security risk in the coming weeks. The company's decision to prioritize security over convenience will be closely watched by industry experts and users alike. A report by the security researcher who discovered the vulnerability is scheduled to be presented at an upcoming cybersecurity conference on May 15. Interestingly, the researcher has noted that other popular browsers may also be vulnerable to similar security risks, highlighting the need for a broader industry-wide response to password management security.
You won't believe the shocking change Google just made to Chrome updates - and how it affects YOU
You won't believe which beloved games might be coming to PC next, but there's a catch that could change the gaming landscape forever
Hackers just hijacked over 400 Linux packages to steal your data - is your computer at risk?
Nintendo's shocking loss in a 2-year battle against Palworld makers: what does this mean for the future of gaming?
You won't believe what's really inside Trump's phone - it's not what you think!
You Won't Believe What Apple Just Said About Siri's Future