Edge vulnerability allowed attackers to steal local files


#1

Originally published at: https://www.myce.com/news/edge-vulnerability-allowed-attackers-to-steal-local-files-84797/

A vulnerability in Microsoft Edge allowed attackers to steal local files when the victims opened a specially crafted HTML file. The leak in the default browser of Windows 10 bypassed the Same Origin Policy (SOP) security measure.


#2

(From a more general historical perspective).

This sort of M$ fiasco is the primary reason why I never used stuff like IE, Edge, Outlook, etc … back in the day. I remember back in the day circa 1990s, M$ seemed to largely treat security holes/problems as PR or marketing problems and not as technical problems.

Whenever I’ve had to deal with computer illiterates in my local offline social circles, I tell every single one of them that they’re fools to continue using IE, Outlook, etc … and that I will not help them any further if they continue to use IE, Edge, Outlook, etc … as their primary web browsers, mailreader, etc …


#3

Two parts to the story first they had to open the malicious html so if they don’t open what they don’t know then it stops it. Also begs the questions why are you opening Nigeria Money loans? That should be obvious if you don’t know the reason for the email why click on links or open emails that you didn’t request.