mickmick.net

Microsoft Edge Multiple Vulnerabilities

Release Date: 22 Aug 2023

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Microsoft Edge.  A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution, denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system.

---

Impact

• Remote Code Execution
• Denial of Service
• Information Disclosure
• Security Restriction Bypass
• Elevation of Privilege

---

System / Technologies affected

• Microsoft Edge prior to 116.0.1938.54

 

---

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

• Update to version 116.0.1938.54 or later

---

Vulnerability Identifier

• CVE-2023-2312
• CVE-2023-4349
• CVE-2023-4350
• CVE-2023-4351
• CVE-2023-4352
• CVE-2023-4353
• CVE-2023-4354
• CVE-2023-4355
• CVE-2023-4356
• CVE-2023-4357
• CVE-2023-4358
• CVE-2023-4359
• CVE-2023-4360
• CVE-2023-4361
• CVE-2023-4362
• CVE-2023-4363
• CVE-2023-4364
• CVE-2023-4365
• CVE-2023-4366
• CVE-2023-4367
• CVE-2023-4368
• CVE-2023-36787
• CVE-2023-38158

---

Source

• Microsoft Edge

---

Related Link

• https://msrc.microsoft.com/update-guide/vulnerability/
• https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#august-21-2023