Speech & Audio

The Bing Wallpaper app may decrypt, read your cookies • The Register

The Bing Wallpaper app may decrypt, read your cookies • The Register


If you’ve been tempted to download the Bing Wallpaper app to spice up your Windows 11 desktop backgrounds, you may want to think twice.

The Bing Wallpaper app – itself not a new product – was recently added to the Microsoft Store for simpler download and installation. Going on a gut feeling to investigate it when the app appeared on the store, Rafael Rivera discovered a heap of concerning capabilities that he said on X essentially make it a piece of Microsoft-developed “malware.” 

“Who makes a dedicated wallpaper app these days?” Rivera posited to The Register in response to questions about his findings, which answer the question for him.

“That [question] led me to take a look using basic tools, such as ILSpy for code decompilation and Windows Sandbox for testing and observation,” Rivera said. “The code revealed concerning capabilities.” 

According to the self-identified Microsoft MVP alum, the Bing Wallpaper app includes undocumented features that enable it to alter Chrome browser extension preferences, and decrypt and read “all major browser cookies for user tracking purposes.” It can also display user prompts with configurable timing to reduce annoyance, utilize encrypted configuration storage, and detect or intercept browser launches “to promote extensions and launch arbitrary URLs” that prompt users to switch to Bing and Edge inside their default browser.

In his thread on X, Rivera noted that the app also installs Bing Visual Search on host PCs without asking users.

“I’ve only scratched the surface,” Rivera told us. “A full audit would be quite time-intensive and isn’t where I want to focus my energy.”

Feel free to audit it yourself, of course – but ESET already considers it a potentially unwanted program if that helps solidify the degree to which Bing Wallpaper is trusted. 

Microsoft denies decrypting all cookies

When asked to disprove Rivera’s claims, Microsoft assured us that “the Bing Wallpaper app does not peruse and decrypt all [emphasis added] user Edge and Chrome cookies,” a distinction Rivera dismissed as “splitting hairs” – and notably, Redmond doesn’t mention Firefox.

“The app locates where Google Chrome, Microsoft Edge, and Mozilla Firefox store their cookies, queries for cookies with names they are interested in (such as MUID), retrieves their encrypted content, and then proceeds to decrypt them, all without user intervention,” Rivera said in response to Microsoft’s claims. “The cookie values then appear to get sent to or are used by Microsoft.”

Microsoft further noted that the app performs a Bing cookie check to avoid repeatedly offering users the Bing app if it’s already installed, but didn’t otherwise address the app’s handling of cookies. 

Redmond also told us that the Bing Wallpaper app isn’t new, and the version added to the Microsoft Store didn’t include any new functionality or changes from previous versions. 

Rivera noted that Bing Wallpaper is distributed through multiple channels and in various forms that include the ability for it to be remotely reconfigured. “It’s not immediately clear, or documented, which configurations do and do not offer/install certain features,” he told us. 

In short, you might want to take a pass on installing this one – it’s another in a long line of questionable data gathering practices by Microsoft that show no sign of slowing down – after all, if the app is free, the company will surely seek some way to monetize it. 

“What I find deeply troubling is Microsoft’s willing development and distribution of what is essentially malware,” Rivera said. “It’s heartbreaking to see one of my favorite tech giants deliberately create software that undermines user privacy and autonomy.” ®

The Bing Wallpaper app may decrypt, read your cookies • The Register

Source link