Microsoft Edge Password Storage in Memory Poses Enterprise Risk
Security researchers have demonstrated that Microsoft Edge stores passwords in process memory, creating a potential risk for credential theft by attackers with administrative access.
A security research finding has highlighted a potential risk in Microsoft Edge, where passwords can be stored in process memory in a way that is accessible to users with administrative privileges. A proof-of-concept (PoC) exploit has demonstrated how an attacker with local admin rights can extract these credentials from memory.
This issue poses a particular risk to enterprise environments where multiple users might share systems or where administrative access is not strictly controlled. Once extracted, these credentials could be used to facilitate further malicious activities, including lateral movement within the network or unauthorized access to sensitive corporate resources.
Organizations are encouraged to review their endpoint security policies and ensure that administrative privileges are granted only when necessary. While this is a known behavior of the browser's memory management, security teams should implement robust endpoint protection and monitoring to detect and prevent unauthorized access to process memory. [Dark Reading]