CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

C

I’m sorry…”by design”??!!
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized infosec cybersecurity microsoft edge
4

0 Votes

4 Posts

8 Views

F

@cyberseckyle yup. I'm spreading that message around now at work. It's scary simple to dump process memory in your own user space. That's it. That's all an exploit needs to do.
A

The cybersecurity researcher posted something about this on X yesterday.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized microsoft infosec edge
1

0 Votes

1 Posts

4 Views

A

The cybersecurity researcher posted something about this on X yesterday. "Rønning clarifies that Edge decrypts every credential at startup, regardless of whether you visit a site using those credentials. This doesn't mean that one can simply access those passwords with little know-how, though. A user needs administrative access to a terminal server, which is already a major breach on a computer, but from here, "they can access the memory of all logged‑on user processes."PC Gamer: Microsoft Edge saves passwords in cleartext 'by design' and researchers argue 'this turns into a credential harvest' on shared PCs https://www.pcgamer.com/hardware/microsoft-edge-saves-passwords-in-cleartext-by-design-and-researchers-argue-this-turns-into-a-credential-harvest-on-shared-pcs/ #Microsoft #infosec #Edge