Page Loader
Home / News / Technology News / Update your browser! Critical vulnerabilities found in Microsoft Edge
Summarize
Update your browser! Critical vulnerabilities found in Microsoft Edge
Microsoft has already addressed the vulnerabilities

Update your browser! Critical vulnerabilities found in Microsoft Edge

By Dwaipayan Roy
Oct 09, 2024
06:56 pm
What's the story

The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk advisory, warning Windows users about security vulnerabilities in Microsoft Edge. The flaws could permit a remote attacker to bypass security measures, and execute harmful code on a user's system, compromising sensitive data. The vulnerabilities exist in Chromium-based Microsoft Edge versions prior to 129.0.2792.79, CERT-In's warning states.

Technical glitches

Vulnerabilities stem from multiple issues

The vulnerabilities in Microsoft Edge stem from multiple issues including lack of data validation in Mojo, faulty implementation in the V8 JavaScript engine, and an integer overflow in the browser's layout process. Attackers could exploit such weaknesses by sending specially crafted requests to a user's system, or tricking them into visiting malicious websites or opening compromised HTML pages. This could lead to unauthorized control of systems and exposure of sensitive personal data.

Solution provided

Microsoft has addressed the vulnerabilities

Microsoft has already addressed such vulnerabilities in its latest updates—Microsoft Edge Stable Channel (version 129.0.2792.79) and Microsoft Edge Extended Stable Channel (128.0.2739.107). Users are strongly advised by CERT-In to update their browsers to these latest versions, as a step to protect their devices from potential attacks. The Indian government has also emphasized that outdated browsers pose significant risks and urged users to maintain security through regular updates.

Past alerts

CERT-In's previous warnings and recommendations

In a similar move last month, CERT-In flagged multiple high-risk issues in Apple products, including iPhones, Apple Watches, and Macs. Users were requested to update their devices to prevent unauthorized access and potential security breaches. CERT-In, a division of the Ministry of Electronics and Information Technology, has emphasized the importance of vigilance and regular updates for a secure browsing experience.