This article examines how Device Code Phishing exploits the OAuth 2.0 authentication process used by Microsoft and Google. It details the mechanics of the attack, illustrating how attackers can trick users into providing access tokens through a seemingly legitimate flow. The comparison highlights the different security postures of the two identity providers.

Google is implementing a security feature in Chromium that prevents Google Chrome from running with administrative permissions by automatically "de-elevating" the browser upon launch. This change, inspired by a similar feature in Microsoft's Edge browser, aims to mitigate security risks associated with running the browser as an administrator, which can lead to malicious files executing with full system access.