Microsoft Edge Multiple Vulnerabilities

Last Update Date: 29 Aug 2024 Release Date: 23 Aug 2024 5498 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.

 

Notes:

CVE-2024-7971 is being exploited in the wild. The vulnerability is caused by a type confusion weakness in the Chrome V8 JavaScript engine and can lead to remote code execution on targeted device.

 

CVE-2024-7965 is being exploited in the wild. The vulnerability allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 

[Updated on 2024-08-29] 

Updated Description.

Impact

  • Remote Code Execution
  • Denial of Service
  • Information Disclosure
  • Security Restriction Bypass

System / Technologies affected

  • Microsoft Edge (Stable) prior to 128.0.2739.42

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to Microsoft Edge (Stable) version 128.0.2739.42 or later

Vulnerability Identifier

Source

Related Link

Related Tags

EdgeRemote Code ExecutionDenial of ServiceInformation DisclosureSecurity Restriction BypassExploit In The Wild

Share with

Previous

Google Chrome Multiple Vulnerabilities

22 Aug 2024 6548 Views

Next

Google Chrome Multiple Vulnerabilities

29 Aug 2024 3375 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY