Microsoft Edge Multiple Vulnerabilities

Release Date: 21 Jan 2025

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.

---

Impact

• Denial of Service
• Elevation of Privilege
• Remote Code Execution
• Security Restriction Bypass
• Information Disclosure

---

System / Technologies affected

• Microsoft Edge Stable Channel version prior to 132.0.2957.115
• Microsoft Edge Update Setup version prior to 1.3.195.43

---

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

• Update to Microsoft Edge Stable Channel version 132.0.2957.115 or later
• Update to Microsoft Edge Update Setup version 1.3.195.43 or later

---

Vulnerability Identifier

• CVE-2025-0434
• CVE-2025-0435
• CVE-2025-0436
• CVE-2025-0437
• CVE-2025-0438
• CVE-2025-0439
• CVE-2025-0440
• CVE-2025-0441
• CVE-2025-0442
• CVE-2025-0443
• CVE-2025-0446
• CVE-2025-0447
• CVE-2025-0448
• CVE-2025-21185
• CVE-2025-21399

---

Source

• Microsoft Edge

---

Related Link

• https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#january-17-2025
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0434
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0435
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0436
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0437
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0438
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0439
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0440
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0441
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0442
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0443
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0446
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0447
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0448
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21185
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21399