Copy link to clipboard
Copied
Does this credential-stealing bug affect Edge WebView2 embedded in Adobe applications?
Copy link to clipboard
Copied
According to the article,
"However, as mr.d0x admits and Microsoft pointed out in their response to our questions, this attack is a social engineering attack and requires a user to run a malicious executable
As for how to protect yourself from these attacks, all the regular cybersecurity advice remains the same.
Do not open unknown attachments, especially if they are executables, scan files you download from the Internet and do not enter your credentials into an application unless you are 100% sure the program is legitimate"
Copy link to clipboard
Copied
Does this credential-stealing bug affect Edge WebView2 embedded in Adobe applications?
Probably not. Aside from what @Ged_Traynor said, the CC stuff uses its own protected connections and continually checks the status, so even if one of the session keys or cookies could be obtained, it would probably be useless even after decoded since all it contains is another level of encryption. In a way one could probably say that the many activation issues or people losing access to their CC online content when this stuff doesn't work correctly could in such a scenario turn into an advantage and evildoers not gain access this way.
Mylenium