The Indian Computer Emergency Response Team ( CERT-In ) has warned users of multiple vulnerabilities in Microsoft Edge browser. As per the government agency, which comes under the ministry of electronics & information technology, the bugs may allow an attacker to obtain sensitive information.
“Multiple vulnerabilities have been reported in Microsoft Edge (chromium-based) which could allow the remote attacker to cause a denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system,” said the CERT-In advisory.
The software that is affected with this vulnerability includes all Microsoft Edge (Stable) versions before '124.0.2478.51'.
How can hackers attack Microsoft Edge users
As per the agency, a remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system to gain enhanced privileges.
According to the cyber agency, these vulnerabilities exist in Microsoft Edge due to object corruption in V8 and WebAssembly, use after free in V8, downloads and QUIC, inappropriate implementation in autofill, inappropriate implementation in extension, network and prompts, and others.
Cert-In advised users to apply appropriate security updates as mentioned by the company.
Last week, the cybersecurity watchdog issued a warning for users of various Microsoft products including Windows 10, Windows 11 and Microsoft Office. CERT-in said that it found vulnerabilities in Microsoft Windows products that could be exploited by the attacker to bypass security and compromise the targeted system.
The agency classified the vulnerability as ‘critical’ on the severity scale, and it may allow “an attacker to execute arbitrary code, bypass security features, and compromise the targeted system.”
“Multiple vulnerabilities have been reported in Microsoft Edge (chromium-based) which could allow the remote attacker to cause a denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system,” said the CERT-In advisory.
The software that is affected with this vulnerability includes all Microsoft Edge (Stable) versions before '124.0.2478.51'.
How can hackers attack Microsoft Edge users
As per the agency, a remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system to gain enhanced privileges.
According to the cyber agency, these vulnerabilities exist in Microsoft Edge due to object corruption in V8 and WebAssembly, use after free in V8, downloads and QUIC, inappropriate implementation in autofill, inappropriate implementation in extension, network and prompts, and others.
Cert-In advised users to apply appropriate security updates as mentioned by the company.
Last week, the cybersecurity watchdog issued a warning for users of various Microsoft products including Windows 10, Windows 11 and Microsoft Office. CERT-in said that it found vulnerabilities in Microsoft Windows products that could be exploited by the attacker to bypass security and compromise the targeted system.
The agency classified the vulnerability as ‘critical’ on the severity scale, and it may allow “an attacker to execute arbitrary code, bypass security features, and compromise the targeted system.”
You may also like
Novak Djokovic gamble pays off as rivals falling apart ahead of French Open
Chhattisgarh: Self-help groups go door to door with tamarind leaves, yellow rice to drive voter turnout in Phase 3
SHOCKING! Bottle Thrown At Sunidhi Chauhan During (City) Concert. Singer REACTS
Anand Mahindra's Post on Wildlife Coexistence in Pench Tiger Reserve