Tag: Microsoft Edge

  • CERT-In Finds Multiple Bugs In Microsoft Edge, Advises Users To Update |

    New Delhi: The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics and Information Technology, on Monday, warned users of multiple vulnerabilities in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system.

    The affected software includes Microsoft Edge Stable versions prior to 126.0.2592.68. “Multiple vulnerabilities have been reported in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system,” said the CERT-In advisory.

    According to the cyber agency, these vulnerabilities exist in Microsoft Edge (Chromium-based) due to “type confusion in V8, inappropriate implementation in WebAssembly, out of bounds memory access in dawn and use after free in dawn”.

    An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted webpage, the agency mentioned. CERT-In advised users to apply appropriate security updates as mentioned by the company.

    Meanwhile, CERT-In has joined hands with financial giant Mastercard to promote cooperation and information sharing in the area of cybersecurity related to the financial sector.

    The two entities will leverage their shared expertise regarding the financial sector in the fields of cybersecurity incident response, capacity building, sharing cyber threat intelligence specific to the financial sector and advanced malware analysis. 

  • Indian Cyber Agency Finds Multiple Bugs In Microsoft Edge, Advises Users To Update |

    New Delhi: The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Monday, warned users of multiple vulnerabilities in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system.

    The affected software includes Microsoft Edge Stable versions prior to 125.0.2535.85. “Multiple vulnerabilities have been reported in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system,” said the CERT-In advisory.

    According to the cyber agency, these vulnerabilities exist in Microsoft Edge (Chromium-based) due to ‘out of bounds’ memory access in keyboard inputs; out of bounds write in streams API; heap buffer overflow in WebRTC, use after free in dawn, media session and presentation API.

    An attacker could exploit these vulnerabilities by enticing a victim to open a specially crafted file, the agency mentioned. Cert-In advised users to apply appropriate security updates as mentioned by the company.

    Meanwhile, the cyber agency warned users of multiple vulnerabilities in Android which could allow an attacker to obtain sensitive information, gain elevated privileges and cause denial-of-service (DoS) conditions on the targeted system.

    As mentioned in the advisory, these vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel, Arm components, MediaTek components, Imagination Technologies and Qualcomm closed-source components.