Cert-In finds multiple bugs in Microsoft Edge: What users should do

The Indian Computer Emergency Response Team (Cert-In) has issued a warning to users of multiple vulnerabilities in Microsoft Edge (Chromium-based). The cybersecurity agency says that multiple vulnerabilities have been reported in the browser that may allow an attacker to compromise the system.

Cert-In, which comes under the ministry of electronics and information technology, said that the affected software includes Microsoft Edge Stable versions prior to 126.0.2592.68.

“Multiple vulnerabilities have been reported in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system,” Cert-In said in its advisory.

Why these bugs appeared and how it can affect users
According to the cyber agency, these vulnerabilities exist in Microsoft Edge (Chromium-based) due to “type confusion in V8, inappropriate implementation in WebAssembly, out of bounds memory access in dawn and use after free in dawn”.

“An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted webpage,: it added, saying that “successful exploitation of these vulnerabilities could allow an attacker to compromise the targeted system.”

What users can do
Cert-In advised users to apply appropriate security updates as mentioned by Microsoft. Keeping Microsoft Edge updated is crucial for optimal performance as updates deliver the newest features, security patches to safeguard the system, and bug fixes to ensure smooth browsing. ToI