CERT-In finds multiple bugs in Microsoft Edge, advises users to update

66

New Delhi, April 24 (IANS) The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Wednesday warned users of multiple vulnerabilities in Microsoft Edge which could allow an attacker to obtain sensitive information, bypass security restriction and cause denial-of-service (DoS) conditions on the targeted system.

The affected software includes Microsoft Edge (Stable) versions before ‘124.0.2478.51’.

“Multiple vulnerabilities have been reported in Microsoft Edge (chromium-based) which could allow the remote attacker to cause a denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system,” said the CERT-In advisory.

According to the cyber agency, these vulnerabilities exist in Microsoft Edge due to object corruption in V8 and WebAssembly, use after free in V8, downloads and QUIC, inappropriate implementation in autofill, inappropriate implementation in extension, network and prompts, and others.

“A remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system,” the agency mentioned.

Cert-In advised users to apply appropriate security updates as mentioned by the company. Earlier this month, the cyber agency warned users of multiple vulnerabilities in Microsoft products which include — Microsoft Windows, Microsoft Office, Developer Tools, Azure, Brower, System Center, Microsoft Dynamics, and Exchange Server. As per the advisory, these vulnerabilities could allow an attacker to obtain information disclosure, bypass security restrictions and cause DoS conditions on the targeted system.

–IANS

shs/pgh

Go to Source

Disclaimer

The information contained in this website is for general information purposes only. The information is provided by BhaskarLive.in and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.

Through this website you are able to link to other websites which are not under the control of BhaskarLive.in We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.

Every effort is made to keep the website up and running smoothly. However, BhaskarLive.in takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.

For any legal details or query please visit original source link given with news or click on Go to Source.

Our translation service aims to offer the most accurate translation possible and we rarely experience any issues with news post. However, as the translation is carried out by third part tool there is a possibility for error to cause the occasional inaccuracy. We therefore require you to accept this disclaimer before confirming any translation news with us.

If you are not willing to accept this disclaimer then we recommend reading news post in its original language.

Online Cricket Play Online