Microsoft Edge Multiple Vulnerabilities
Release Date: 20 Sep 2024
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and cross-site scripting on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Cross-Site Scripting
- Spoofing
System / Technologies affected
- Microsoft Edge (Stable) prior to 129.0.2792.52
- Microsoft Edge (Extended Stable) prior to 128.0.2739.90
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to Microsoft Edge (Stable) version 129.0.2792.52 or later
- Update to Microsoft Edge (Extended Stable) version 128.0.2739.90 or later
Vulnerability Identifier
- CVE-2024-8904
- CVE-2024-8905
- CVE-2024-8906
- CVE-2024-8907
- CVE-2024-8908
- CVE-2024-8909
- CVE-2024-38221
- CVE-2024-43489
- CVE-2024-43496
Source
Related Link
- https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#september-19-2024
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8909
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8908
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8907
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8906
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8905
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8904
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43489
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43496
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38221
沒有留言:
發佈留言