Posted on 04/20/2017 3:51:21 AM PDT by markomalley
An independent security researcher claims to have uncovered a security flaw in Microsoft Edge.
The issue enables any website to identify a user by his username from another website, according to Ariel Zelivansky. More specifically the researcher alleges that Edge exposes the URL of any Fetch response, in contradiction to the specification. This is a problem because it's possible to identify users by crafting a Fetch request to a URL that will redirect to a URL with the user's username (e.g. https://facebook.com/me to https://facebook.com/username).
Zelivansky approached Microsoft but the software giant dismissed the issue. El Reg requested a comment only to be told that Redmond had nothing to add beyond its response to Zelivansky.
The security researcher went public with his findings and contacted The Reg after Redmond decided the issue didn't merit patching earlier this month. The issue has spawned a discussion thread on Reddit. ®
Only idiots use Microsoft browsers. Wise use Google’s because they never identify you not sell your data. Only wish Facebook had their browser. It would be the most privacy friendly ever.
You should be worried about Microsoft’s Windows 10 Creator Update it will collect tons of your info for resale ,even your key strokes and you can’t turn the collecting off
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.