Microsoft Edge is based on the Chromium engine which seems to be facing security issues quite often and users have been warned about it.
Microsoft Edge browser has a security issue that has been highlighted with a medium severity rating by the Indian Computer Emergency Response Team or CERT-In this week. The security agency claims that the web browser from Microsoft has multiple security vulnerabilities that could allow an attacker to remotely execute arbitrary code and access sensitive information on the targeted system.
The agency has also given the details of the issue and how it could affect the targeted devices. “The vulnerabilities exist in Microsoft Edge due to insufficient validation of user input or insecure handling of specific types of data within the browser, out-of-bounds read in WebTransport, insufficient data validation in Dawn. ” the CERT-In mentions in its notes.
Microsoft Edge Security Issue: Who Is Affected
The CERT-In mentions that the security issue is affecting Edge browser version prior to 127.0.2651.86. So if you have versions higher than this one, you are protected by the latest Microsoft patch for the update.
Exploiting these issues means attackers generally resort to phishing attempts to infect their devices, and these security loopholes have become the popular medium for them to attack. The best way to avoid falling prey for such attempts are:
– Never open emails from unknown senders
– Never download any attachments given in an email from unknown people
– Never click on on any link given in the mail from unknown people
Microsoft has already issued a security bulletin for this issue, so we suggest you update the Edge browser on your PC and other devices right away.
The security alert comes in a week when Android users have been warned about major security issues that might have been exploited in the wild. Google says the patches for over 40 vulnerabilities are rolling out this week, and other brands will be doing for their devices soon.