Microsoft Edge stops loading saved passwords into cleartext memory at startup
Security Tool/Service
Summary
Hide ▲
Show ▼
Microsoft Edge is changing its built-in password manager so saved passwords are no longer loaded into process memory in clear text at startup, reducing the risk of local credential extraction. The defense-in-depth update is already live in Edge Canary and will roll into build 148 and newer across supported releases.
Related Happenings
Windows cldflt.sys MiniPlasma privilege escalation zero-day privilege-escalation flaw
Vulnerability
H score52
First: 18.05.2026 07:59
Last: 18.05.2026 07:59
Sources 1
About this happening:
**MiniPlasma** is a **Windows privilege-escalation zero-day** in **cldflt.sys** that can give attackers **SYSTEM** privileges on **fully patched Windows systems**. The flaw affect...
Windows cldflt.sys MiniPlasma privilege escalation zero-day privilege-escalation flaw
VulnerabilityAbout this happening: **MiniPlasma** is a **Windows privilege-escalation zero-day** in **cldflt.sys** that can give attackers **SYSTEM** privileges on **fully patched Windows systems**. The flaw affect...
Windows cldflt.sys privilege escalation (CVE-2020-17103)
Vulnerability
H score28
First: 18.05.2026 01:30
Last: 18.05.2026 01:30
Sources 1
About this happening:
A public **MiniPlasma** proof-of-concept has renewed concern around the **Windows cldflt.sys Cloud Filter driver** because it can elevate a **standard user** to **SYSTEM** on **fu...
Windows cldflt.sys privilege escalation (CVE-2020-17103)
VulnerabilityAbout this happening: A public **MiniPlasma** proof-of-concept has renewed concern around the **Windows cldflt.sys Cloud Filter driver** because it can elevate a **standard user** to **SYSTEM** on **fu...
Microsoft May 2026 Patch Tuesday release
Security Patch Release
H score44
First: 13.05.2026 13:36
Last: 13.05.2026 13:36
Sources 1
About this happening:
Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Microsoft May 2026 Patch Tuesday release
Security Patch ReleaseAbout this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Latest development: 01.06.2026 15:30
Belgium's Centre for Cybersecurity warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild after Microsoft patched the stack-based buffer overflow during the May 2026 Patch Tuesday. The flaw affects all currently supported Windows Server versions, including Windows Server 2025, and can let an unauthenticated attacker gain remote code execution on targeted domain controllers.
Windows DNS heap-based buffer overflow remote code execution flaw (CVE-2026-41096)
Vulnerability
H score41
First: 13.05.2026 13:36
Last: 13.05.2026 13:36
Sources 1
About this happening:
Microsoft patched **CVE-2026-41096**, a **heap-based buffer overflow** in **Windows DNS** that could let an unauthorized attacker execute code remotely on vulnerable Windows syste...
Windows DNS heap-based buffer overflow remote code execution flaw (CVE-2026-41096)
VulnerabilityAbout this happening: Microsoft patched **CVE-2026-41096**, a **heap-based buffer overflow** in **Windows DNS** that could let an unauthorized attacker execute code remotely on vulnerable Windows syste...
Windows Shell spoofing flaw actively exploited (CVE-2026-32202)
Vulnerability
H score47
First: 28.04.2026 08:50
Last: 28.04.2026 08:50
Sources 1
About this happening:
**Microsoft** updated **Windows Shell** advisory guidance to confirm **CVE-2026-32202** was **actively exploited in the wild**, raising the risk of sensitive-information disclosur...
Windows Shell spoofing flaw actively exploited (CVE-2026-32202)
VulnerabilityAbout this happening: **Microsoft** updated **Windows Shell** advisory guidance to confirm **CVE-2026-32202** was **actively exploited in the wild**, raising the risk of sensitive-information disclosur...
Timeline
-
15.05.2026 03:00 1 articles · 1mo ago
Researcher discloses Edge password memory exposure
Initial DisclosureSecurity researcher Tom Jøran Sønstebyseter Rønning disclosed that the Edge built-in password manager decrypted all stored credentials on launch and kept them in process memory even when the passwords were not in use, and he released a proof-of-concept tool that could let an attacker with Administrator privileges dump passwords from other users' Edge processes.
Show sources
- Microsoft Edge to stop loading cleartext passwords in memory on startup — www.bleepingcomputer.com — 15.05.2026 17:49
-
15.05.2026 03:00 2 articles · 1mo ago
Microsoft rolls out Edge password-memory fix
Mitigation Patch UpdateMicrosoft announced that future versions of Edge will no longer load saved passwords into process memory in clear text at startup, with the defense-in-depth change already live in Edge Canary and scheduled for the next update in build 148 and newer across Stable, Beta, Dev, Canary, and Extended Stable.
Show sources
- Microsoft Edge to stop loading cleartext passwords in memory on startup — www.bleepingcomputer.com — 15.05.2026 17:49
- Microsoft Edge to stop loading cleartext passwords in memory on startup — www.bleepingcomputer.com — 15.05.2026 17:49