(malwarebytes.com) Security Risks of Browser Password Managers: Why Microsoft Edge's Design Raises Concerns
-
(malwarebytes.com) Security Risks of Browser Password Managers: Why Microsoft Edge's Design Raises Concerns
Microsoft Edge loads the entire password vault into plaintext process memory at startup—a design choice that enables post-compromise credential harvesting. Unlike Chrome, Edge lacks app-bound encryption and decrypts all passwords on launch, persisting them in memory.
In brief - Microsoft Edge’s password manager design exposes plaintext credentials in memory at startup, increasing risk of post-compromise harvesting. This contrasts with Chrome’s on-demand decryption and app-bound key protections.
Technically - Research by @L1v1ng0ffTh3L4N reveals Edge decrypts the full password vault into process memory upon launch, unlike Chromium peers that decrypt only when needed (e.g., autofill). This behavior, acknowledged by Microsoft as ‘by design,’ allows infostealers with elevated privileges to extract credentials via memory reads. A PoC demonstrates exploitation without requiring zero-days, aligning with broader findings on password manager memory leaks.
-
R relay@relay.infosec.exchange shared this topic
