For the quickest way to join, simply enter your email below and get access. We will send a confirmation and sign you up to our newsletter to keep you updated on all your gaming news.
When it comes to security, it's better to be safe than sorry. That's the core message Microsoft shared when explaining why its Edge browser will no longer load passwords into memory on startup.
Earlier this month, researcher Tom Jøran Sønstebyseter Rønning found that Edge decrypts every credential on startup and keeps that data in memory. Edge is seemingly the only Chromium-based browser to load all stored passwords into memory using plaintext at startup. In contrast, Chrome only decrypts specific passwords and loads them in plaintext in memory when a user asks to see the password.
Shortly after Rønning shared their findings, Microsoft issued a statement on the discovery explaining that the behavior "is an expected feature of the application." The company also noted that accessing browser data through the behavior would require a device that was already compromised.
"Based on our existing criteria, this behavior falls within the expected threat model, since the risk begins after an attacker has already compromised the device. At the same time, we believe there’s opportunity to improve. In this blog, we’ll show you what we’re changing and why."
In an update that brings Edge to version 148, the browser will no longer load passwords into memory on startup. The change is already live in the Canary Channel of Edge and will roll out to all users soon.
It's an interesting development because Microsoft is simultaneously repeating that the behavior is not a serious security risk and rolling out an immediate change to alter that behavior.
Join us on Reddit at r/WindowsCentral to share your insights and discuss our latest news, reviews, and more.
Sean Endicott is a news writer and apps editor for Windows Central with 11+ years of experience. A Nottingham Trent journalism graduate, Sean has covered the industry’s arc from the Lumia era to the launch of Windows 11 and generative AI. Having started at Thrifter, he uses his expertise in price tracking to help readers find genuine hardware value.
Beyond tech news, Sean is a UK sports media pioneer. In 2017, he became one of the first to stream via smartphone and is an expert in AP Capture systems. A tech-forward coach, he was named 2024 BAFA Youth Coach of the Year. He is focused on using technology—from AI to Clipchamp—to gain a practical edge.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Windows Central Insider
