The Indian Computer Emergency Response Team (CERT-In) that is supervised by the IT Ministry has issued a high-severity warning for users of Microsoft Edge browser.
What are the issues with Microsoft Edge browser?
The warning pertains to users who have been using a version of the browser that is earlier than 99.0.1150.30. According to the warning, several vulnerabilities have been reported that can easily be exploited by the attacker for compromising the target system.
The CERT-in advisory states that “these vulnerabilities exist in Microsoft Edge because of Heap buffer overflow in ANGLE, use-after-free in Cast UI, use-after-free in Omnibox, out of read range in ANGLE, use-after-free in Views, use-after-free in WebShare, in Blink Layout Type confusion, Use-after-free in Media, out of bounds of memory access in Mojo, use-after-free in MediaStream, insufficient policy enforcement in Installer, heap buffer overflow in Cast UI, improper implementation in HTML parser, Full screen Improper implementation in mode, Improper implementation in permissions, free after use in browser switcher, data leak in canvas, improper implementation in autofill, free after use in Chrome OS shell and memory access out of bounds in WebEXR.”
An attacker would be able to exploit these vulnerabilities by sending a wittily crafted request
What Microsoft Edge users can do to stay safe
For avoiding any kind of exploits, CERT-In has advised Microsoft Edge users to update the browser to the latest version. Version 99.0.1150.39 has been rolled out last week that includes the latest security updates of the Chromium Project. The update even has fixes for various bugs and performance issues.
According to data from StatCounter, Edge is used by 9.54% of desktops globally, only after Apple’s Safari worth a 9.84% of the market share. The data also reveals that Google Chrome holds the largest market share with 65.38% users.