Microsoft Edge Vulnerability Let Attackers Execute Malicious Code
Three original vulnerabilities were inform in Microsoft Edge (Chromium-primarily based) connected with A long way flung Code execution and Spoofing. The CVEs of these vulnerabilities were assigned as CVE-2023-36022, CVE-2023-36029, and CVE-2023-36034.
The severity of these vulnerabilities ranges between 4.3 (Medium) and 6.6 (Medium). On the opposite hand, Microsoft has released patches for fixing these vulnerabilities and suggested its users crimson meat up them accordingly.
CVE-2023-36022 & CVE-2023-36034: Microsoft Edge A long way flung Code Execution Vulnerability
This vulnerability may per chance presumably well well additionally be exploited by an unauthenticated, far off threat actor and set far off instructions on the affected versions of Microsoft Edge. On the opposite hand, Per Microsoft, this vulnerability requires person interaction to be performed earlier than exploitation.
The severity for this vulnerability has been given as 6.6 (Medium).
Webinar on Cyber Resilience for Monetary Sector
Be particular your Cyber Resiliance with the most contemporary wave of cyber-attacks focusing on the financial companies and products sector. Nearly 60% respondents no longer assured to get better fully from a cyber assault.
CVE-2023-36029: Microsoft Edge Spoofing Vulnerability
This vulnerability may per chance presumably well well additionally be exploited by an unauthenticated attacker with network glean admission to, which requires particular person interactions to be performed. On the opposite hand, further particulars about this vulnerability secure no longer been published. The severity of this vulnerability has been given as 4.3 (Medium).
Microsoft confirmed that there don’t appear to be any publicly readily accessible exploits for fixing these vulnerabilities.
Affected Products
CVE ID | Affected Products | Affected Variations | Mounted in Version |
CVE-2023-36022 | Microsoft Edge (Chromium-primarily based) | earlier than 119.0.2151.44 | 119.0.2151.44 |
Microsoft Edge (Chromium-primarily based) Extended Stable | earlier than 118.0.2088.88 | 118.0.2088.88 | |
CVE-2023-36029 | Microsoft Edge for Android | earlier than 118.0.2088.88 | 118.0.2088.88 |
CVE-2023-36034 | Microsoft Edge (Chromium-primarily based) | earlier than 119.0.2151.44 | 119.0.2151.44 |
Microsoft Edge (Chromium-primarily based) Extended Stable | earlier than 118.0.2088.88 | 118.0.2088.88 |
Users of these products are suggested to crimson meat as a lot as the most contemporary versions of these products to forestall these vulnerabilities from getting exploited.
Source credit : cybersecuritynews.com