Microsoft Edge is keeping your passwords in plaintext memory: Here’s what that actually means
ID: eb0f161d-df3f-5311-9327-dad6d63fb844
STIX ID: report--eb0f161d-df3f-5311-9327-dad6d63fb844
Feed Name: ThreatLocker Blog
Threat Score
### Executive summary: The report describes a disclosure showing Microsoft Edge loads all saved passwords into plaintext process memory at browser startup, creating a persistent extraction surface that infostealer malware or any process with user-session memory-read access (including an elevated admin on terminal servers) can harvest; mitigations recommended include avoiding Edge's built-in manager, using standalone password managers, deny-by-default allowlisting, and restricting execution and administrative privileges.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.