Microsoft Edge Multiple Vulnerabilities
Release Date: 27 May 2024
RISK: Extremely High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.
Note:
CVE-2024-5274 is being exploited in the wild.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Microsoft Edge (Stable) prior to 125.0.2535.67
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to Microsoft Edge (Stable) version 125.0.2535.67 or later
Vulnerability Identifier
Source
Related Link
- https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#may-24-2024
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5157
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5158
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5159
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5160
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5274
沒有留言:
發佈留言