The Computer Emergency Response Team of India (CERT-In) has issued an advisory regarding vulnerabilities in the Microsoft Edge browser for Windows. The nodal agency of the Ministry of Electronics and Information Technology has classified these vulnerabilities as high risk, stating that a remote attacker could exploit them to bypass security restrictions and execute arbitrary code on the target system.
“These vulnerabilities exist in Microsoft Edge (based on Chromium) due to insufficient data validation in Mojo, an inappropriate implementation in V8, and an integer overflow in Layout. “A remote attacker could exploit these vulnerabilities by sending a specially crafted request to the target system,” CERT-In said.
According to the agency, the affected software includes versions of Microsoft Edge earlier than 129.0.2792.79.
Microsoft has already fixed these vulnerabilities in the latest updates to Microsoft Edge Stable Channel (version 129.0.2792.79) and Microsoft Edge Extended Stable Channel (128.0.2739.107). The company stated that the Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services, and its latest releases incorporate the latest updates from the Chromium project.
It is recommended that users update their Microsoft Edge web browser to the latest version to avoid security threats.
Last month, CERT-In published an advisory highlighting multiple vulnerabilities in Apple products, including iPhones, Macs, and Apple Watches. According to the agency, high-risk vulnerabilities in Apple devices running older software versions could allow attackers to access sensitive information, execute arbitrary code, bypass security restrictions or even bypass authentication. Apple users are recommended to update their devices to the latest version of the operating system to avoid security breaches.
First published: October 9, 2024 | 11:43 am IS
Disclaimer:
The information contained in this post is for general information purposes only. We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the post for any purpose.
We respect the intellectual property rights of content creators. If you are the owner of any material featured on our website and have concerns about its use, please contact us. We are committed to addressing any copyright issues promptly and will remove any material within 2 days of receiving a request from the rightful owner.