Skip to main content

Microsoft Edge Multiple Vulnerabilities

Release Date: 30 Nov 2023 5684 Views

RISK: Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, data manipulation, remote code execution and denial of service condition on the targeted system.

 

Note:

For CVE-2023-6345, Integer overflow in Skia (open-source 2D graphics library), the vulnerability could result in remote code execution. Google is aware of a report that this issue may have been exploited in the wild.


Impact

  • Remote Code Execution
  • Denial of Service
  • Data Manipulation
  • Security Restriction Bypass

System / Technologies affected

  • Microsoft Edge (Stable) prior to 119.0.2151.97
  • Microsoft Edge (Extended Stable) prior to 118.0.2088.122

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to Microsoft Edge (Stable) version 119.0.2151.97 or later
  • Update to Microsoft Edge (Extended Stable) version 118.0.2088.122 or later

Vulnerability Identifier


Source


Related Link