Key points:

  • The Enhanced Spellcheck feature on Microsoft Edge and Google Chrome has come under scrutiny
  • There is some speculation that sensitive data is being sent to these two tech heavyweights
  • This issue has seen light after security researchers issued a warning regarding the privacy of enterprise users

Browser companies have always played with fire when we speak about privacy and security. Most web browsers boast about the degree of security their products and services offer. Despite their fame and dominance, Microsoft and Google are no exception. 

Microsoft Edge and Google Chrome both come with spell-checking functionality of the browser. Microsoft Edge’s Microsoft Editor and Chrome’s Enhanced Spellcheck were primarily created to enhance spell-checking. However, there are some growing concerns about these functions. 

Security researchers have claimed that these functions directly transfer anything that a user types of company servers. 

YOU MAY ALSO LIKE: Google to Ban Chrome Extensions That Mine Cryptocurrency

Chrome and Edge spellcheck functions under fire

Chrome users can find the Enhanced Spellcheck feature under the Languages settings page. Here’s how users can access it:

  • Clicking the three dots on the top left corner>Settings>Languages
  • Typing chrome://settings/languages in the address bar

Once this function is enabled, Chrome deploys the same spell checker that Google Search uses. Google notes all the text that is typed by users once they enable this feature. 

In the same way, when people use Microsoft Editor on Edge, they are sending sensitive information to Microsoft when they improve their spell checking. However, Microsoft does not mention that the typed data is delivered to its servers when customers are using this function. Josh Summit published his findings in the otto-js company blog. 

What did security researchers find?

After enabling the spell-checking features, Summitt found the browsers were sending almost all typed data automatically. This included usernames, email addresses, as well as any information typed in comments or text fields.

When users select the “display password” option on websites, passwords are sent automatically even though they are not requested by default. Then, along with other data, the passwords are sent to servers owned by third parties.

They can use the improved functionality with a single click. 

Although Google notifies users when typed data is sent, Microsoft’s Edge browser does not. Summitt points out that as a result, both households and businesses are feeling the heat.

Disabling Enhanced Spellchecker in Chrome

Step 1

Click on the browser’s address bar and type chrome://settings/languages or

Select Menu (3 dots on the top right corner)>Settings>Languages

Step 2

Find the Spell Check option

Step 3

Enable “basic spell check,” and disable the “advanced spellcheck” option. 

Disabling Microsoft Editor on Microsoft Edge

Step 1

Click on the browser’s address bar and type Click on the browser’s address bar and type edge://settings/languages or

Select Menu (3 dots on the top right corner)>Settings>Languages

Step 2

Find the “use write assistance” option

Step 3

Select the Basic assistance option and disable the “use writing assistance” option

What are your thoughts on this story? Are Google and Microsoft at fault? Leave a comment below to tell us what you think. 

YOU MAY ALSO LIKE: Microsoft Claims Sony Pays Blocking Rights

Feature Image: Image by Deepanker Verma from Pixabay