Consider Doing The Exact Opposite Of What Your Internal ‘Experts’ Suggest?
Microsoft is getting much better at reversing course; not so much at initially making wrong turns. The latest about face involves their Chrome download tool, also known as Microsoft Edge. It was recently revealed that Edge helpfully loaded your saved passwords into memory in plain text when you start the browser up and kept there even when Edge is closed. To be fair that is rather hard to shut Edge down in Windows 11, as it loves to run in the background no matter what. This makes storing saved passwords in plain text worse, not better.
Well today, even though Microsoft stated that storing passwords in plain text was by design, Microsoft rolled out a new update to the Edge Canary channel which prevents that behaviour. As of Edge Build 148 and newer normal users will also be protected. The hue and cry from their users and security professionals over Microsoft’s stance that this is not a security concern because the attacker would have to already have admin privileges was loud enough to resolve this obvious security issue.
It’s nice to have some good news to share on a Friday, if you’d prefer the regular depressing security news we have been seeing just scroll down a wee bit.
