Warning for Microsoft Edge Users: Indian Government Highlights Serious Security Risk
The Indian government this week warned users about a major security issue related to the Microsoft Edge web browser. A new security bulletin dated August 27 by the Computer Emergency Response Team of India, or CERT-In, comes with a high severity rating. The security agency claims that Microsoft’s web browser has multiple security vulnerabilities that could allow an attacker to hide their specially crafted website, which is usually malicious, and be able to bypass device security using the problem.
CERT-In alert on Microsoft Edge: What it says
The agency detailed the issue and how it might affect targeted devices, and the Edge browser clearly has a bigger problem on its hands. “These vulnerabilities exist in Microsoft Edge (Chromium-based) due to free after-use in passwords, autofill; Improper implementation in V8, permissions, FedCM, views, WebApp installs, custom tabs, extensions, bounds memory access in Skia; heap buffer overflow in fonts, PDFium, type confusion in V8, insufficient data validation in V8 API; Installer and inadequate policy enforcement in data transfer. A remote attacker could exploit these vulnerabilities by sending a specially crafted request to the target system,” CERT-In mentions in its notes.
Microsoft Edge security vulnerability: Which version is affected?
It also mentions that the security issue is affecting stable versions of the Edge browser prior to 128.0.2739.42. So if you have more versions than this, you are protected by the latest Microsoft patch for updates. If not, we advise you to update to the latest version immediately.
The good news is that Microsoft has already issued a security bulletin for this issue, so we suggest you update the Edge browser on your PC and other devices immediately. You can go to Microsoft Edge – Help and Feedback – About Microsoft Edge and you will automatically see the latest version installed on the device.