Microsoft has released two updates for the Edge browser. One is available for all users in the Stable Channel, and the other is for those using Edge in the Extended Stable Channel (it receives big updates every eight weeks instead of four). Both updates contain fixes for four high-severity Chromium security vulnerabilities.
The update is available under version 131.0.2903.112 (Stable Channel) and 131.0.2903.99 (Extended Stable Channel). Here is what was fixed:
-
CVE-2024-12695: Out-of-bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
-
CVE-2024-12694: Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
-
CVE-2024-12693: Out-of-bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
-
CVE-2024-12692: Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Microsoft Edge will update itself automatically in the background, but you can always speed things up by navigating to edge://settings/help and force-install available updates.
In other Edge news, Microsoft recently shared some interesting stats about the browser and its usage in 2024. According to the company, users participated in over 10 billion conversations with Copilot, saved on average $400 with built-in shopping assistant tools, and over 7 trillion megabytes of memory were saved with the Sleeping Tabs feature.
0 Comments - Add comment