Microsoft has announced that it will shut down the cpanel extensions that support whms in Windows 10, Microsoft Edge, and Windows Phone.
The move, which Microsoft called a “precautionary measure,” comes amid a series of security issues in Whms, the popular Microsoft extension for enabling the sharing of your personal data across the Microsoft cloud.
Microsoft told Ars that the cPanel extensions for whmgs, which are also known as the Windows Media Player extensions, were disabled because of a new flaw that’s being found in Microsoft Edge.
Microsoft has been warning users about this flaw for some time, and has since removed support for Whms extensions from the Windows Store.
Microsoft Edge users have reported issues with Whms for years, but Microsoft’s update to the browser has not yet addressed the vulnerability.
“We have removed support from Microsoft Edge because we have found that we have not yet identified and addressed the security issue with Whmgs,” Microsoft’s security chief Rob Wainwright wrote in a blog post published Thursday.
Wain Wright is Microsoft’s senior director of the Internet Group, which is responsible for overseeing Microsoft Edge and Windows 10.
In his blog post, Wain told Ars he believes the flaw is “serious enough that we will take this action.”
Whms is Microsoft Edge’s extension for sharing personal data, which includes browsing history, app information, and contacts.
Microsoft says that Whms has been the leading Whms extension in the Windows Marketplace, and that it has been a popular extension for Edge users.
But the company has not always been upfront about the flaws in Whmg.
The extension’s first version in November 2016 included a vulnerability that could allow a remote attacker to get into a Whms account, and later versions added a new security feature that allowed the attacker to bypass the Whms authentication check.
That security feature was removed in March 2017, but it remained a security vulnerability in the extension.
Microsoft later introduced a new feature called Whms Secure Enrollment, which added another layer of security to the Whmg extension.
The Whms Security Check, which adds a new layer of authentication, has also been removed in Whmcs extension.
This new security flaw was found by researchers at security firm FireEye.
“It was only a matter of time before this was going to be a serious issue,” Chris Caldwell, the chief security officer at FireEye, told Ars.
“That’s not to say there are not still vulnerabilities, but we’re getting closer and closer to a fix.”
The latest Microsoft Edge security issue has been discovered by researchers from FireEye who were able to gain access to Whms.
“Whms is a great extension that helps people save time and make their lives easier, but as we’ve learned more about it over the past few months, we have identified several issues in the extensions that allow remote attackers to compromise an Edge user’s account,” Caldwell added.
“FireEye has identified a new vulnerability in Whmoctls extension that could give an attacker access to a user’s Whms profile.”
The security flaw, CVE-2017-1709, is currently known as CVE-2018-5066, and Microsoft’s fix is not available yet.
In a blogpost published Thursday, Microsoft said that Whmms extension has been “fully reviewed” and that “there is no evidence of any security vulnerabilities in Whmbs extension.”
Microsoft says it has patched Whmmbs security flaw in Whmls extension, but that the extension has not been “successfully patched for Edge.”
The Whmck extension was also affected by a security flaw discovered in Whmds extension.
In Whmmds, Microsoft has not released the version of the extension affected by the new security issue, but has said that it “has not been tested for this issue yet.”
The company did say that it is working on an update to Whmd’s extension, and added that “we will update users when that is ready.”