The Indian government has warned users about a major security issue concerning the Microsoft Edge web browser this week. The new security bulletin on August 27 via the Indian Computer Emergency Response Team or CERT-In comes with a high severity rating.
The security agency claims that the web browser from Microsoft has multiple security vulnerabilities that could allow an attacker to disguise their specially crafted website that is generally malicious and able to bypass the device security with the help of the issue.
CERT-In Warning on Microsoft Edge: What It Says
The agency has given the details of the issue and how it could affect the targeted devices and the Edge browser clearly has a major problem on its hands. “These vulnerabilities exist in Microsoft Edge (Chromium-based) due to Use after free in Passwords, Autofill; Inappropriate implementation in V8, Permissions, FedCM, Views, WebApp Installs, Custom Tabs, Extensions, Out of bounds memory access in Skia; Heap buffer overflow in fonts, PDFium, Type Confusion in V8, Insufficient data validation in V8 API; Installer and Insufficient policy enforcement in Data transfer. A remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system,” CERT-In mentions in its notes.
Microsoft Edge Security Risk: Which Version Is Affected
It also mentions that the security issue is affecting Edge browser stable version prior to 128.0.2739.42. So if you have versions higher than this one, you are protected by the latest Microsoft patch for the update. If not, we advise you to update to the latest version right away.
The good news is that Microsoft has already issued a security bulletin for this issue, so we suggest you update the Edge browser on your PC and other devices right away. You can go to Microsoft Edge – Help And Feedback – About Microsoft Edge and you will automatically see the latest version installed on the device.
Comments
0 comment