Government flags major security issues for Microsoft Edge: Find steps inside to mitigate vulnerabilities

Written By: ZeeBiz WebTeam New Delhi ZeeBiz WebDesk Updated on: October 09, 2024, 02.58 PM IST

The advisory stated that attackers could execute a remote attack by bypassing the security restrictions and executing arbitrary code on the targeted system.

The Government watchdog, Computer Emergency Response Team (CERT-In), has issued a warning flagging security issues regarding the native Windows web browser – Microsoft Edge. Classifying the vulnerabilities as of ‘High’ severity, the warning mentioned that attackers can exploit these vulnerabilities to gain access to the sensitive information on the targeted machines.

COMMERCIAL BREAK

SCROLL TO CONTINUE READING

CERT-In flagged three issues within the Edge browser, including CVE-2024-9370, CVE-2024-7025, and CVE-2024-9369. The advisory stated that attackers could execute a remote attack by bypassing the security restrictions and executing arbitrary code on the targeted system.

The government body’s advisory reads, “The vulnerabilities exist in Microsoft Edge (Chromium-based) due to insufficient data validation in Mojo, Inappropriate implementation in V8 and Integer overflow in Layout. A remote attacker could exploit these vulnerabilities by sending a specially crafted request to the targeted system.”

The report clearly underscores that the issues found in Edge primarily affect the Version Microsoft Edge (Chromium-based) version before 129.0.2792.79.

The best way to fix this issue is to update the browser to its latest version. Follow these steps to update the browser:

- Open Edge Browser

- Navigate to Settings

- Go to ‘About Edge’

- Wait until it checks for the latest version

- Install the latest version

- After installing, restart the browser

In other developments, the CERT-in recently issued ‘High’ severity vulnerability warning concerning Apple products like iOS, iPadOS and macOS. The government watchdog noted that the tech giant had fixed the issues with the latest software updates. To fix the issue, users were advised to update their devices with the latest software versions.

Earlier this year, CERT-in had also warned users of vulnerabilities regarding Apple iTunes and Google Chrome for desktops. The vulnerability could allow a hacker to execute arbitrary code on the targeted system.

The advisory issued by CERT-in stated that the 'Remote Code Execution' vulnerability exists in the Apple Product due to improper checks in the CoreMedia component. A remote attacker could leverage this vulnerability by sending a specially crafted request.

Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.