Microsoft Edge Multiple Vulnerabilities
Release Date: 20 May 2024
RISK: Extremely High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and sensitive information disclosure on the targeted system.
Note:
The CVE-2024-4947 vulnerability is being exploited in the wild.
Impact
- Denial of Service
- Remote Code Execution
- Spoofing
- Information Disclosure
System / Technologies affected
- Microsoft Edge (Stable) prior to 124.0.2478.109
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to Microsoft Edge (Stable) version 124.0.2478.109 or later
Vulnerability Identifier
Source
Related Link
- https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#may-16-2024
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4947
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4948
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4949
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4950
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30056
沒有留言:
發佈留言