Microsoft Edge Multiple Vulnerabilities

Release Date: 18 Sep 2023 6729 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Microsoft Edge.  A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and security restriction bypass on the targeted system.

 

Note:

For CVE-2023-4863, heap buffer overflow in WebP may lead to arbitrary code execution. Google is aware that an exploit for CVE-2023-4863 exists in the wild.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Microsoft Edge (Stable) prior to 117.0.2045.31
  • Microsoft Edge (Version 109) prior to 109.0.1518.140
 

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to Microsoft Edge (Stable) version 117.0.2045.31 or later
  • Update to Microsoft Edge (Version 109) version 109.0.1518.140 or later

Vulnerability Identifier

Source

Related Link

Related Tags

EdgeDenial of ServiceElevation of PrivilegeRemote Code ExecutionSecurity Restriction BypassExploit In The Wild

Share with

Previous

Google Chrome Remote Code Execution Vulnerability

12 Sep 2023 6779 Views

Next

GitLab Security Restriction Bypass Vulnerability

20 Sep 2023 3798 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY