mickmick.net

Microsoft Edge Multiple Vulnerabilities

Release Date: 21 Mar 2022

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure and elevation of privilege on the targeted system.

---

Impact

• Elevation of Privilege
• Remote Code Execution
• Information Disclosure

---

System / Technologies affected

• Microsoft Edge prior to 99.0.1150.46

---

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

• Update to version 99.0.1150.46

---

Vulnerability Identifier

• CVE-2022-0971
• CVE-2022-0972
• CVE-2022-0973
• CVE-2022-0974
• CVE-2022-0975
• CVE-2022-0976
• CVE-2022-0977
• CVE-2022-0978
• CVE-2022-0979
• CVE-2022-0980
• CVE-2022-26899

---

Source

• AusCERT
• Microsoft Edge

---

Related Link

• https://www.auscert.org.au/bulletins/ASB-2022.0070
• https://msrc.microsoft.com/update-guide