Microsoft Edge Password Manager Vulnerability Exposes Plaintext Passwords in Memory

Microsoft Edge’s built-in password manager stores passwords in encrypted form and secures them with Windows Hello, but researchers found that passwords are temporarily loaded into memory in plaintext. The issue affects the browser’s handling of saved credentials during active use, exposing them to potential extraction via memory inspection tools. No specific vulnerability identifier (such as a CVE) or patch timeline was provided in the report. The discovery highlights a security gap where sensitive data remains unprotected in volatile memory despite encryption at rest. The article does not specify the exact versions of Edge affected or the date of disclosure.