Microsoft Edge has received a small update in the Stable Channel. Version 126.0.2592.113 is now available for download with a bunch of important fixes. The update resolves a renderer crash when turning on certain accessibility features and a bug with the new tab page news feed showing up and ignoring the policy that should block the feed. Also, there are nine patches for high-severity Chromium vulnerabilities.
Here is the official changelog:
Version 126.0.2592.113: July 18, 2024
- Fixed various bugs and performance issues, improved reliability.
Stable channel security updates are listed here.
Improved reliability
- Fixed a renderer crash (STATUS_ACCESS_VIOLATION) that occurred when using some sites with web contents accessibility enabled, including on the Azure portal or Intune dashboard.
Fixes
- Resolved an issue that allowed the Microsoft Edge New Tab Page feed to be activated even when the NewTabPageContentEnabled policy was set to disabled.
As for security patches, Edge 126.0.2592.113 includes the following fixes for Chromium vulnerabilities:
-
CVE-2024-6779: Out-of-bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
-
CVE-2024-6778: Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
-
CVE-2024-6777: Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
-
CVE-2024-6776: Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
-
CVE-2024-6775: Use after free in Media Stream. (Chromium security severity: High)
-
CVE-2024-6774: Use after free in Screen Capture. (Chromium security severity: High)
-
CVE-2024-6773: Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
-
CVE-2024-6772: Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out-of-bounds memory access via a crafted HTML page. (Chromium security severity: High)
You can update Microsoft Edge to the latest version by heading to Menu > Help and Feedback > About Microsoft Edge. Alternatively, type edge://settings/help in the address bar. Like every other modern browser, Edge can update itself automatically in the background, so you can just continue using it as is and apply the latest update upon the next restart.