You won't believe what Microsoft Edge does with your passwords the moment you launch the browser - it's a security risk you need to know about
Microsoft Edge decrypts every stored password into process memory the moment the browser launches and keeps them there as cleartext, regardless of whether the user ever visits those sites.
Microsoft Edge decrypts every stored password into process memory the moment the browser launches, keeping them as cleartext regardless of whether the user visits those sites. This was discovered by a security researcher who found that the browser stores all saved passwords in cleartext process memory at launch. The researcher's findings indicate that this occurs even if the user never visits the sites associated with the stored passwords. Microsoft Edge's password management system is designed to provide convenience, but this feature may compromise security.
This security risk directly affects users who rely on Microsoft Edge for online transactions, as their passwords are stored in cleartext and can be accessed by malicious actors. Users who store sensitive information, such as financial or personal data, may be particularly vulnerable to exploitation. The cost of a potential security breach could be substantial, with some estimates suggesting that the average cost of a data breach is over $3 million. This financial risk is a tangible impact on users who trust Microsoft Edge with their sensitive information.
This issue is part of a larger pattern of password management vulnerabilities in popular browsers. Historically, browsers have struggled to balance convenience and security, often prioritizing ease of use over robust security measures. Insiders know that the use of cleartext storage for passwords is a common practice, but one that is increasingly being recognized as a security risk. The discovery of this vulnerability in Microsoft Edge highlights the need for more secure password management practices in the industry.
Microsoft is expected to release a patch or update to address this security risk in the coming weeks. The company's decision to prioritize security over convenience will be closely watched by industry experts and users alike. A report by the security researcher who discovered the vulnerability is scheduled to be presented at an upcoming cybersecurity conference on May 15. Interestingly, the researcher has noted that other popular browsers may also be vulnerable to similar security risks, highlighting the need for a broader industry-wide response to password management security.
When AI Chatbots Develop Bizarre Obsessions: The Dark Side of ChatGPT
When AI Goes Rogue: The Bizarre 'Selfie' That Backfired on a Gaming CEO
NASA just achieved the impossible: beaming a massive 484 GB from the moon, and it's changing everything we thought we knew about space communication
You won't believe what's replacing menus at restaurants and why baby boomers are furious about it
You won't believe which AI voice assistant is now smarter than Siri and can control your car - it's not what you think!
You won't believe how 30,000 Facebook users got hacked in a massive phishing scam - and how you can protect yourself