Security News > 2023 > April > Microsoft probes complaints of Edge leaking URLs to Bing

Microsoft probes complaints of Edge leaking URLs to Bing
2023-04-26 21:08

You might want to think twice before typing anything into Microsoft's Edge browser, as an apparent bug in a recent release of Redmond's Chromium clone appears to be funneling URLs you visit back to the Bing API. The issue, identified by Redditor HackerMcHackface in the r/browsers subreddit last week, appears to be related to an opt-out content aggregation feature in Edge, called Collections, which offers suggestions for online creators that users may want to follow.

Beginning with Microsoft Edge build 112.0.1722.34, the Redditor notes that the default behavior had changed.

As of the April 7, release of Edge, all URLs entered into the address bar appear to be sent to the Bing API, according to HackerMcHackface's findings.

If you're worried about Edge leaking every page you visit to Bing, disabling the functionality by navigating to the "Privacy, search, and services" tab on the "Settings" page and unticking "Show suggestions to follow creators in Microsoft Edge" near the bottom of the page ought to mitigate the problem.

Despite offering a wealth of privacy toggles, Microsoft Edge hasn't always had the greatest reputation for user's privacy.

In a 2020 paper, Trinity College professor Douglas Leith found that Edge was among the most invasive browsers on the market, partially due to the use of hardware identifiers.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/04/26/microsoft_edge_url/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400