Microsoft Edge under “probable hack threat” by The Indian Computer Emergency Response Team (CERT-IN)

Microsoft Edge, a cross-platform web browser, was produced by Microsoft. It was first made available for Windows 10 and Xbox One in 2015, and then in 2017, 2018, and 2019 it was made accessible for Android, iOS, macOS, and older versions of Windows, as well as Linux and Windows XP. It was initially offered in 2015 coupled with an Xbox One and Windows 10.

Microsoft Edge users have been cautioned by The Indian Computer Emergency Response Team Center to be vigilant and take precautions against potential hacker attacks on the software. On September 20, the Indian Computer Emergency Response Team (CERT-IN) published an alert with a high severity rating about a number of publicly revealed web browser vulnerabilities.
CERT-IN occasionally publishes alert and vulnerability notices on its website. In its most recent vulnerability note, the organization stated that “Multiple vulnerabilities have been found in Microsoft Edge.” According to the statement, the flaws “may enable a remote attacker to execute arbitrary code or inflict denial of service conditions on the targeted system.”

The vulnerabilities were found in software that was upgraded before 105.0.1343.42, according to CERT-IN. According to the study, these problems in Google Chrome for Desktop are brought on by use-after-free flaws (caused by the operation of dynamic memory allocation in PDF and Frames). A further component that leads to the vulnerabilities is the heap-based buffer overflow.
An attacker will be able to access the system and bypass the device’s security protections through these weaknesses. A remote hacker’s denial of service attack and arbitrary code execution would render the system inaccessible to the original user after that.

Users should update their Microsoft Edge browsers to the most recent stable channel version as a fix.

According to the Information Technology (Amendment) Act of 2008, CERT-IN is a legally recognized organization. The Ministry of Electronics and Information Technology’s nodal organization deals with computer security-related concerns, keeps an eye out for security holes, and promotes strong IT security practices throughout the entire nation. It alerts users about security flaws and dangers like phishing and hacking.

 

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More