The Indian Computer Emergency Response Team (CERT-In) under the Ministry of IT has issued a high intensity warning Microsoft Edge Browser users. Warning for users who are using browser version before 99.0.1150.30. As a precaution, multiple vulnerabilities have been reported Edge browser Which can be used by an attacker to compromise the targeted system.
The adviser further states that “these vulnerabilities exist in Microsoft Edge Due to hip buffer overflow in ANGLE, use after-free in Cast UI, free after use in Omnibox, out of reading range in ANGLE, use free after view, after webshare- Use free, blink layout confusion type, use-after-free in media, out of memory access in Mojo, use-free in MediaStream, insufficient policy implementation in installer, hip buffer overflow in cast UI, improper implementation in HTML parser, full screen mode Improper implementation, improper implementation in permissions, use-free in browser switcher, data leak on canvas, improper implementation in Autofile, use in Chrome OS shell-after-free and out of range memory access in WebXR.
An attacker can exploit these vulnerabilities by sending a specially crafted request. Successful exploitation of these vulnerabilities may allow the attacker to compromise with the target system.
What users can do to stay safe
To avoid any exploitation, CERT-In Microsoft Edge advises users to update their browser to the latest version. Version 99.0.1150.39 was rolled out by tech giants last week and includes the latest security updates. Chromium The project update also fixes various bugs and performance issues.
According to StatCounter, Edge is now used on desktops worldwide at 9.54%, just behind Apple’s Safari with 9.84% market share. The data further reveals that Google Chrome still holds the largest market share with 65.38% users. Edge has grown significantly since the launch of the new Windows OS.