Microsoft Edge browser has a security issue that has been highlighted with a medium severity rating by the Indian Computer Emergency Response Team or CERT-In this week. The security agency in this September 24 bulletin, claims that the web browser from Microsoft has multiple security vulnerabilities that could allow an attacker to bypass the security of your device and give them access to the data stored on it.
The security agency has given it a medium severity rating which might sound casual but the overall impact could be damaging.
CERT-In Warning For Edge Users
Multiple vulnerabilities exist in Microsoft Edge (Chromium) due to inappropriate implementation in UI, Autofill & V8,insufficient data validation in Omnibox, Type confusion in V8, incorrect security UI in downloads, out of bounds write issue and improper neutralisation of input during web page generation.
A remote attacker could exploit these issues by persuading the victim to visit a specially crafted website/HTML page. They will also be able to trigger remote code execution, perform UI spoofing, exploit stack, and heap corruption on the targeted system. Fair to say that even though the alert has a medium rating, the longish security details from Microsoft suggest a quick update is critical, if you want to protect your device from bad actors.
Microsoft Edge Security Risk: Who Is Affected
If you’re using the Chromium-based Edge browser with version prior to 129.0.2792.52 then you need to update the browser for your system right away.
Microsoft Edge Update: How To Get It
You can head over to Microsoft Edge on your Windows PC and do the following:
Click on the three-dot menu on the top-right
Hover over Help and Feedback
Click on About Microsoft Edge
The browser start looking for a new version and update to the latest one and reboot to take effect
Comments
0 comment