When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Edge 127 gets three security updates and organizational branding cumstomization feature

Neowin · with 1 comment

Microsoft Edge logo

Microsoft has released a small update for its browser in the Stable and Extended Stable channels. Versions 127.0.2651.86 and 126.0.2592.132 are now available for download with a new feature for business customers and three important security patches originating from Chrome.

Here is the official changelog:

Customize organizational branding using the Microsoft Edge management service. Admins can customize their organization's branding assets onto Edge for Business through the Microsoft Edge management service. This branding can help users signed in with a Microsoft Entra ID more easily differentiate between multiple profiles and browser windows through visual cues on the profile pill, profile flyout, and Edge for Business taskbar icon.

This Microsoft Edge management service feature gives admins an enhanced experience to configure, preview, and customize how Edge for Business shows the following organization brand assets:

  • Organization name
  • Accent color
  • Organization logo
  • Edge for Business taskbar icon overlay

IT admins can find more information about organizational branding in Microsoft Edge 127 in the official documentation.

As for security updates, version 127.0.2651.86 fixed the following:

  • CVE-2024-6990 Uninitialized Use in Dawn (severity level critical): Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page.
  • CVE-2024-7255 Out of bounds read in WebTransport (severity level high): Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page.

  • CVE-2024-7256 Insufficient data validation in Dawn (severity high): Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

The same security updates are also available in Microsoft Edge Extended Stable Channel (version 126.0.2592.132), which receives updates every eight weeks instead of four.

Report a problem with article
People working on Microsoft Edge 128 beta
Next Article

Microsoft Edge 128 is now available in Beta Channel with SSE3 requirement and more

Google Pixel hero
Previous Article

Here's when Google may start shipping the Pixel 9 series and Pixel Buds Pro 2

Join the conversation!

Login or Sign Up to read and post a comment.

1 Comment - Add comment