Microsoft’s recent push to enrich web browsing with AI has hit a snag. A significant vulnerability in its NLWeb protocol – designed to link AI-driven search across websites and apps – has been discovered. This weakness now exposes sensitive files to unauthorised access, sparking immediate concerns in the tech community.
Although Microsoft has rolled out a patch, the absence of a standard Common Vulnerabilities and Exposures (CVE) reference has not sat well with security experts. Their worry is that without clear tracking, the true extent of the issue might be hard to gauge. If you’ve ever dealt with security lapses in digital tools, you understand the frustration of managing unexpected risks.
This incident serves as a reminder to regularly reassess security measures, even when new technologies promise improved efficiency and integration.
