Researcher Ashish Singh has discovered that that browsing history of websites, including the ones visited in private mode is stored on the system's hard drive.
In the report published on Forensic Focus, Singh explains that Microsoft Edge browser leaves your personal browsing data out in the open.
Since all of the browsing data, including the browsing data of websites visited in the InPrivate mode of the Edge browser is stored in its WebCache file, attackers can gain access to the browser's entire history database by locating the ‘Container_n' table.
Explaining the loophole of Microsoft's Edge browser, Singh states that, “in the case of Microsoft Edge even the private browsing isn't as private as it seems. Previous investigations of the browser have resulted in revealing that websites visited in private mode are also stored in the browser's WebCache file.”
While every browser has their very own private browsing mode, almost all of them have no ability to store the private browsing web sessions.
Edge would not be the first browser to be flagged for such an issue, since all the major browsers – Firefox, Chrome, Internet Explorer and Safari were accused of leaving private browsing data vulnerable, according to research by Stanford.
Reporters at The Verge have already tried and tested the report submitted by Singh, and were able to recover private browsing data after the session had been closed. Microsoft is investigating the loophole and said that they are “committed to resolving this as quickly as possible.”
Source: Forensic Focus via The Verge