Live
Chrome 149 Emergency Fix Closes CVE-2026-12017 — High‑Severity Site Isolation Bypass via Extensions·MSFT +0.1%VS Code 1.123 Syncs AI Chat Across Devices, Adds Research Agent·NVDA +3.0%Chrome 148 Fixes CVE-2026-7937: Why This Medium Bug Matters for Edge Too·GOOGL +1.2%CVE-2026-3919: Critical Edge Vulnerability Requires Immediate Verification of Chromium Patch·AMZN +2.9%Edge Extensions Security Guide: How to Safely Install from Chrome Web Store on Windows 10 & 11·MSFT +0.1%AI Browser Privacy Crisis: How Prompt Injection & ShadyPanda Threaten Windows Users·NVDA +3.0%Microsoft Edge for Android Tests Desktop Extensions in Canary Build·GOOGL +1.2%CVE-2025-55319: How Agentic AI in Visual Studio Code Can Enable Remote Code Execution·AMZN +2.9%Chrome 149 Emergency Fix Closes CVE-2026-12017 — High‑Severity Site Isolation Bypass via Extensions·MSFT +0.1%VS Code 1.123 Syncs AI Chat Across Devices, Adds Research Agent·NVDA +3.0%Chrome 148 Fixes CVE-2026-7937: Why This Medium Bug Matters for Edge Too·GOOGL +1.2%CVE-2026-3919: Critical Edge Vulnerability Requires Immediate Verification of Chromium Patch·AMZN +2.9%Edge Extensions Security Guide: How to Safely Install from Chrome Web Store on Windows 10 & 11·MSFT +0.1%AI Browser Privacy Crisis: How Prompt Injection & ShadyPanda Threaten Windows Users·NVDA +3.0%Microsoft Edge for Android Tests Desktop Extensions in Canary Build·GOOGL +1.2%CVE-2025-55319: How Agentic AI in Visual Studio Code Can Enable Remote Code Execution·AMZN +2.9%

Extension Security

The latest Extension Security coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 5:59 AM
Latest Most Read Breaking
Sort
Browser Security · Chrome Cve

Chrome 149 Emergency Fix Closes CVE-2026-12017 — High‑Severity Site Isolation Bypass via Extensions

Google shipped Chrome 149.0.7827.114 for Windows and Mac and 149.0.7827.115 for Linux on June 11, 2026, plugging a high‑severity hole that let a compromised renderer slip past Site Isolation by...

Advertisement
Chromium Edge · Edge Extensions

Edge Extensions Security Guide: How to Safely Install from Chrome Web Store on Windows 10 & 11

Microsoft's transition to Chromium-based Edge has fundamentally transformed the browser extension ecosystem for Windows users, creating both opportunities and security challenges that demand careful...

SE Security Desk·26w ago
Browser Privacy · Extension Security

AI Browser Privacy Crisis: How Prompt Injection & ShadyPanda Threaten Windows Users

The rapid integration of artificial intelligence into web browsers has created a new frontier of privacy vulnerabilities that Windows users need to understand immediately. Recent security research...

SE Security Desk·30w ago
Canary Experiments · Desktop Extensions Mobile

Microsoft Edge for Android Tests Desktop Extensions in Canary Build

Microsoft is quietly testing a groundbreaking feature in Edge for Android that could fundamentally change how users interact with browsers on mobile devices. The company is experimenting with...

SE Security Desk·38w ago
Agentic Ai · Auto-approve

CVE-2025-55319: How Agentic AI in Visual Studio Code Can Enable Remote Code Execution

A newly listed vulnerability in Microsoft’s Security Response Center, CVE-2025-55319, pulls back the curtain on a dangerous new class of attacks: prompt injections that weaponize agentic AI...

AI AI & Copilot Desk·44w ago
Browser Extensions · Browser Hygiene

Mastering Edge Extensions: Permission Management and Security Best Practices for Windows Users and IT Admins

Adding an extension to Microsoft Edge takes just a few clicks—find it in the store, review the permissions prompt, and click 'Add extension.' But behind that simplicity lies a complex web of...

SE Security Desk·45w ago
Browser Security · Chrome

CVE-2025-8581: The Low-Risk Chrome Extension Bug That Still Requires an Immediate Update on Edge and Chrome

Google has patched a security vulnerability in Chrome’s Extensions framework that could have allowed attackers to siphon sensitive cross-origin data from unsuspecting users. Tracked as...

SE Security Desk·49w ago
Browser Ecosystem · Browser Extensions

Critical Chromium Use-After-Free Flaw CVE-2025-8576 Triggers Urgent Edge, Chrome Updates

A severe use-after-free vulnerability in the Chromium extensions engine, tracked as CVE-2025-8576, is driving urgent updates across the browser ecosystem. The flaw, which carries high severity,...

SE Security Desk·49w ago
Copilot+ Pcs · Extended Security Updates

Microsoft Extends Windows 10 Security Support for 12 Months: What You Need to Know

Microsoft’s decision to extend Windows 10’s security support with a new 12-month program marks a pivotal moment for the global PC landscape, impacting hundreds of millions of users, enterprises,...

AI AI & Copilot Desk·51w ago