Microsoft Edge is one of the most widely used web browsers around the globe. It currently has the second-largest market share for desktop users after Google Chrome as it is the default browser for Windows users. As our reliance on the internet is increasing day by day, we often share a lot of our sensitive information such as banking details, birth dates, and locations through our browser. To keep users safe, Microsoft regularly releases security updates for the Edge browser. While tech giants recommend keeping browsers up to date, some users opt for older versions for convenience. However, it's very important to recognise that outdated browsers are more vulnerable to security risks. Several such vulnerabilities have been discovered in Microsoft Edge, prompting the Indian government to issue a warning for users with versions prior to 129.0.2792.52.
Also read: iPhone SE 4 launch inching closer, to mark these firsts for Apple
The Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has revealed that multiple vulnerabilities have been reported in Microsoft Edge and successful exploitation of these vulnerabilities could allow a remote attacker to trigger remote code execution, perform UI spoofing, exploit stack and heap corruption on the targeted system.
Also read: iOS 18.1 release date India - Here's when iPhone users may get Apple Intelligence
These vulnerabilities exist in Microsoft Edge (Chromium-based) due to inappropriate implementation in UI, Autofill & V8; insufficient data validation in Omnibox, Type Confusion in V8, incorrect security UI in Downloads, Out-of-bounds Write issue and improper neutralization of input during web page generation. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted Website/HTML page. Successful exploitation of this vulnerability could allow a remote attacker to trigger remote code execution, perform UI spoofing, exploit stack
Read more on tech.hindustantimes.com