microsoft edge

Google and Microsoft disclosed CVE-2026-8007 on May 6, 2026, describing a Cast component input-validation flaw in Chromium-based browsers before Chrome 148.0.7778.96 that could let an attacker escalate privileges after first compromising the renderer process with a crafted web page. The dry...

Google’s CVE-2026-8014 is a low-severity Chromium vulnerability in Chrome’s Preload implementation, disclosed May 6, 2026, fixed before Chrome 148.0.7778.96, and capable of letting a remote attacker leak cross-origin data through a crafted HTML page if the user visits it. The short version is...

CVE-2026-8017 is a low-severity Chromium media vulnerability disclosed on May 6, 2026, affecting Google Chrome before version 148.0.7778.96 and potentially downstream Chromium browsers, where a crafted HTML page could leak cross-origin data through a side-channel. That plain description...

Google Chrome users on Windows can block the browser’s automatic download of a roughly 4GB local AI model by setting the GenAILocalFoundationalModelSettings enterprise policy to Disallowed, a registry-based control documented for Chromium-derived browsers and surfaced this week after reports of...

Microsoft is removing Microsoft Edge’s ability to pin websites and web apps to the browser Sidebar, with existing pinned apps scheduled to disappear in a future update, while Copilot remains available in the same interface area. The change has no announced removal date, but Microsoft’s own...

On May 6, 2026, Windows Central reported that Microsoft Edge is retiring the user-pinned apps portion of its Sidebar while explicitly sparing Copilot, meaning the browser’s once-flexible side rail will increasingly function as an AI entry point rather than a user-customized workspace. Microsoft...

Microsoft Edge is reportedly decrypting saved passwords at browser startup and keeping them in plaintext process memory during the session, a behavior publicized on May 4, 2026, by security researcher Tom Jøran Sønstebyseter Rønning and subsequently confirmed as expected behavior by Microsoft...

Microsoft is preparing to retire the Edge sidebar app list in upcoming browser updates starting with Microsoft account users, disabling new pinned apps now and removing existing app tower shortcuts later while leaving Copilot and the side pane available without a confirmed final retirement date...

Microsoft is retiring the Microsoft Edge sidebar app list in upcoming browser updates, starting with users signed into Microsoft accounts, removing the ability to add new sidebar apps while preserving Copilot in the Edge sidebar for now. That is the plain fact; the more interesting story is what...

Microsoft is retiring the Microsoft Edge sidebar app list in the near future, beginning with users signed in with personal Microsoft accounts, while leaving Copilot available in the browser and continuing to treat it as a core Edge experience. That is the plain version of the news, but it...

Microsoft is phasing out the Microsoft Edge Sidebar app list in 2026, beginning with Microsoft account users, as part of a stated effort to “simplify” the Windows 11 browser while preserving Copilot integration. That makes the move more than a minor interface cleanup. It is a revealing test of...

Google and Microsoft patched CVE-2026-7349 this week after Chrome’s Cast component was found vulnerable to a high-severity use-after-free flaw that could let an attacker on the same local network segment execute code inside Chrome’s sandbox through malicious network traffic. The fixed Chrome...

Microsoft used its April 29, 2026, fiscal third-quarter earnings call to say Windows now exceeds 1.6 billion monthly active devices and Bing has reached 1 billion monthly active users for the first time. The numbers matter less as a victory lap than as a map of Microsoft’s next consumer...

Microsoft’s decision to give Edge a Copilot-style redesign says less about rounded corners and pastel colors than it does about the company’s current product strategy. The browser that once differentiated itself by quietly becoming better, faster, and more compatible is now being pulled into a...

Microsoft’s latest Windows 11 April update has sparked a fresh round of criticism because, on some systems, it apparently launches Microsoft Edge immediately after the first reboot. Instead of a quiet confirmation that the patch installed successfully, users are reportedly dropped into a...

Microsoft’s latest Windows 11 update behavior is stirring an old and familiar argument: when does product education cross the line into product promotion? On some PCs, the mandatory April Patch Tuesday update is not just finishing silently in the background; after the first restart, it is...

Google’s April 15, 2026 Chrome stable update quietly closed a High-severity memory-corruption flaw in PDFium, tracked as CVE-2026-6305, and the fix now matters well beyond browser hobbyists. The bug affects Chrome versions prior to 147.0.7727.101 and allows a remote attacker to execute arbitrary...

Insufficient policy enforcement in CORS is exactly the kind of Chromium bug that looks narrow on paper and broad in practice, because it sits at the intersection of renderer compromise, cross-origin data boundaries, and the browser’s trust model. Google has assigned CVE-2026-6313 to that issue...

Microsoft is quietly turning Edge into a more conversational writing surface, and the implications go well beyond a small Canary-only experiment. A new microphone button reportedly appearing beside the Copilot pen icon in Edge Canary suggests Microsoft is testing voice input for the Help me...

How to disable Copilot in Microsoft Edge has become a more complicated question than it first appears. What once looked like a single browser toggle now spans toolbar buttons, the Edge sidebar, browsing-context permissions, and newer AI features such as Copilot Journeys and Copilot Actions. The...