At Guardio, making browsing safer is what we do best, with one of our key products being a browser extension that boosts users’ security on desktop browsers. Our expertise in this area led us to…

Guardio's platform is a resource for cybersecurity professionals and internet users, offering insights into online security threats, malware protection, and data privacy. Through articles, security alerts, and educational resources, Guardio offers insights into common cybersecurity risks, security best practices, and digital hygiene habits. Readers can learn about protecting their devices from malware, securing their online accounts, and staying safe while browsing the internet to mitigate cyber threats and safeguard their personal information.

Guardio

Guardio Labs discovered a vulnerability in Microsoft Edge's marketing API that allowed covert installation of browser extensions with broad permissions. The issue was promptly disclosed to Microsoft and resolved in February 2024. The vulnerability was due to a private API accessible from select Microsoft websites that allowed the installation of extensions without user consent. The exploitation of this vulnerability could lead to the installation of malicious extensions and potential monetary gain for attackers.

“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation

The Hidden API that Sneaks in an Extension

Exploitation by Injecting JavaScript Snippets

Exploit POC — Simple, Yet Powerful Extension

Adversaries Persistancy and Other Consequences