When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft fixes six security vulnerabilities in the latest Edge update

Neowin · with 0 comments

Microsoft Edge

Microsoft Edge has received an important update in the Stable Channel. It does not contain any new features or visible improvements, but it fixes six security vulnerabilities to make your browsing experience safer. Version 126.0.2592.68 is now available for download with two Edge-specific patches and four Chromium-related fixes for high-severity vulnerabilities.

Microsoft has released the latest Microsoft Edge Stable Channel (Version 126.0.2592.68) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

Here are the Chromium-related vulnerabilities that Microsoft Edge 126.0.2592.68 fixes:

  • CVE-2024-6103: Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6102: Out-of-bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6101: Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out-of-bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6100: Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Microsoft Edge will update itself automatically in the background and apply the update upon the next restart. As usual, you can force-update the browser by heading to Menu > Help & Feedback > About Microsoft Edge or the edge://settings/help page.

As a reminder, Microsoft released Edge 126 in the Stable Channel earlier this month. The update brought an AI-based theme generator, Copilot summarization notifications, security setting controls in the Microsoft Edge management service, and plenty of various under-the-hood improvements or small fixes. Check out the release notes for Microsoft Edge 126 here.

Report a problem with article
Diablo IV
Next Article

Xbox exec says Diablo IV dominates Game Pass with biggest launch ever

A Windows Server 2022 graphic
Previous Article

Microsoft outs KB5041054 to address SQL issues caused by the latest Windows Server updates

Join the conversation!

Login or Sign Up to read and post a comment.

0 Comments - Add comment