Microsoft has a minor update for Edge users running Stable builds. Version 123.0.2420.97 is now available for download with two important changes: fixes for crashes caused by sync issues and three patches for Chromium vulnerabilities of high severity that allowed remote attacks. Here are the details.
What is new in Microsoft Edge 123.0.2420.97?
The official changelog for Microsoft Edge version 123.0.2420.97 includes the following:
Version 123.0.2420.97: April 12, 2024
Microsoft has released the latest Microsoft Edge Stable Channel (Version 123.0.2420.97) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.
- Fixed various bugs and performance issues, improved reliability.
Improved reliability
- Fixed a browser crash which was related to Microsoft Edge Sync.
Security patches in version 123.0.2420.97 include three fixes for Chromium vulnerabilities of high severity:
-
Chromium: CVE-2024-3515 Use after free in Dawn: Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
-
Chromium: CVE-2024-3516 Heap buffer overflow in ANGLE: Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
-
Chromium: CVE-2024-3157 Out of bounds write in Compositing: Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
To update Microsoft Edge to the latest version, go to Settings > Help & Feedback > About Microsoft Edge. Alternatively, type edge://settings/help in the address bar. The browser will check for available updates and install them automatically.
In case you missed it, earlier this month, Microsoft released another security update with three patches for Chromium vulnerabilities and two for Edge-specific security holes.