Center alerts Microsoft Edge users to possible ‘high’ level hack threat

0

The Center has alarmed Microsoft Edge users to be careful and take precautionary measures against likely hacking attacks on the platform. Computer Emergency Response Team India (CERT-IN) issued the advisory with high severity rating on September 20 against several reported vulnerabilities in the web browser.

From time to time, CERT-IN posts information and vulnerability notices on its website. In the latest vulnerability note, the agency warned: “Multiple vulnerabilities have been reported in Microsoft Edge.” He added that the flaws “could allow a remote attacker to execute arbitrary code or cause denial of service conditions on the targeted system.”

Which versions are affected and why?

CERT-IN said the vulnerabilities are in software running on updates prior to 105.0.1343.42.

According to the report, these flaws exist in Google Chrome for Desktop due to Use-after-free (arising from the dynamic memory allocation operation) in PDF and Frames. Along with this, the vulnerabilities also come from heap-based buffer overflow.

ALSO READ: Center issues Google Chrome hack warning for desktop users

How would this influence the system?

These vulnerabilities will give the attacker access to the system, bypassing the security restrictions in place in the device. A remote attacker could then execute arbitrary code and launch a denial of service attack, rendering the system inaccessible to the original user.

The solution

Users should upgrade to the latest stable channel update available for Microsoft Edge browser.

CERT-IN is a statutory body under the Information Technology (Amendment) Act 2008. This nodal agency under the Ministry of Electronics and Information Technology deals with computer security incidents, reports vulnerabilities, and advocates strong computer security practices nationwide. It flags bugs and cybersecurity threats, including hacking and phishing attacks.

Designed and built by Microsoft, Microsoft Edge is a cross-platform web browser. It was first included with Windows 10 and Xbox One in 2015, and it was later made available for other platforms, including Android and iOS in 2017, macOS and earlier versions of Windows in 2019, and Linux. in 2020.

Share.

About Author

Comments are closed.