Microsoft Edge Multiple Vulnerabilities
Release Date: 13 Sep 2024
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.
Note:
Proof of Concept exploit code is available for CVE-2024-38222.
Impact
- Remote Code Execution
- Denial of Service
- Information Disclosure
System / Technologies affected
- Microsoft Edge (Stable) prior to 128.0.2739.79
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to Microsoft Edge (Stable) version 128.0.2739.79 or later
Vulnerability Identifier
- CVE-2024-7970
- CVE-2024-8194
- CVE-2024-8198
- CVE-2024-8362
- CVE-2024-8636
- CVE-2024-8637
- CVE-2024-8638
- CVE-2024-8639
- CVE-2024-38222
Source
Related Link
- https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#september-12-2024
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8639
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8638
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8637
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8636
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8198
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8194
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7970
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8362
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38222
沒有留言:
發佈留言