Edge WebView2 phishing bug

Adobe Community Professional ,
Jun 28, 2022 Jun 28, 2022

Copy link to clipboard

Copied

Does this credential-stealing bug affect Edge WebView2 embedded in Adobe applications?

https://www.bleepingcomputer.com/news/security/clever-phishing-method-bypasses-mfa-using-microsoft-w...

TOPICS
Windows

Views

41

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Community Professional ,
Jun 28, 2022 Jun 28, 2022

Copy link to clipboard

Copied

According to the article,

 

"However, as mr.d0x admits and Microsoft pointed out in their response to our questions, this attack is a social engineering attack and requires a user to run a malicious executable

As for how to protect yourself from these attacks, all the regular cybersecurity advice remains the same.

Do not open unknown attachments, especially if they are executables, scan files you download from the Internet and do not enter your credentials into an application unless you are 100% sure the program is legitimate"

 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Community Professional ,
Jun 28, 2022 Jun 28, 2022

Copy link to clipboard

Copied

LATEST
quote

Does this credential-stealing bug affect Edge WebView2 embedded in Adobe applications?

 

Probably not. Aside from what @Ged_Traynor said, the CC stuff uses its own protected connections and continually checks the status, so even if one of the session keys or cookies could be obtained, it would probably be useless even after decoded since all it contains is another level of encryption. In a way one could probably say that the many activation issues or people losing access to their CC online content when this stuff doesn't work correctly could in such a scenario turn into an advantage and evildoers not gain access this way.

 

Mylenium

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines