Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
ID: 1d6ae481-92ed-5f85-882b-386bade24bf9
STIX ID: report--1d6ae481-92ed-5f85-882b-386bade24bf9
Feed Name: Dark Reading
Threat Score
A Microsoft Edge design issue causes all saved passwords to be decrypted and held in process memory, enabling an attacker with admin/local access on shared or virtualized Windows environments to extract plaintext credentials via memory dumps. A researcher released a PoC showing how to exploit this; mitigations include disabling Edge password storage via group policy, using dedicated password managers, limiting admin privileges, and monitoring for memory-scraping behaviors.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.