Microsoft Edge Update Tackles 18 Vulnerabilities, Including Proprietary Fixes

CVE-2024-39379

Microsoft has recently released a security update for its Edge browser, version 127.0.2651.74, addressing a total of 18 vulnerabilities. The update incorporates patches for 16 vulnerabilities found in the open-source Chromium project, upon which Edge is based. Additionally, Microsoft has included proprietary fixes for two vulnerabilities specific to Edge.

Among the addressed vulnerabilities is CVE-2024-39379, an issue originating from Adobe software used within Edge. This vulnerability could potentially enable remote code execution, a serious threat that allows attackers to gain control over a compromised system. The update also patches CVE-2024-38103, an information leakage vulnerability that could expose sensitive data to malicious actors.

The Common Vulnerability Scoring System (CVSSv3.1) has assigned base scores of 7.0 and 5.9 to CVE-2024-39379 and CVE-2024-38103, respectively. Both vulnerabilities are classified as “Moderate” in severity on a four-tier scale. While these ratings indicate a lower level of criticality compared to “High” or “Critical” vulnerabilities, they still represent significant threats that required prompt attention and remediation.

Users are strongly encouraged to install the latest Microsoft Edge update to ensure their browsing experience remains secure. By promptly addressing vulnerabilities, both in the Chromium project and within its proprietary code, Microsoft aims to maintain a high level of security for its Edge browser users.

Related Posts: