Skip to main content

Microsoft Edge Multiple Vulnerabilities

Release Date: 4 Oct 2021 6168 Views

RISK: Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Microsoft Edge, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution and sensitive information disclosure on the targeted system.

 

HKCERT is aware of these vulnerabilities have been reported publicly that they are being exploited in the wild, and encourages users and administrators to review the security update pages for the affected products and apply the related updates as soon as possible.

 

Note:
CVE-2021-37975 and CVE-2021-37976 are being exploited in the wild.


Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Microsoft Edge prior to 94.0.992.38

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 94.0.992.38

Vulnerability Identifier


Source


Related Link