Overview
Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.
Affected Products
Microsoft Edge 127.0.6533.88/89 (Chromium-based) previous version
Resolved Vulnerabilities
Improper data validation in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to execute arbitrary code via crafted HTML (CVE-2024-7256)
Uninitialized Use in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-6990)
Vulnerability in the WebTransport feature in Microsoft Edge 127.0.6533.88/89 (Chromium-based) that allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-7255)
Vulnerability Patches
The following product-specific Vulnerability Patches were made available in the August 1, 2024 Update. Please download and install them using the Windows Update feature or by referring to the URLs in the product information below.
Microsoft Edge 127.0.6533.88/89 (Chromium-based) version
https://msrc.microsoft.com/update-guide/
Article Link: Security Update Advisory for Microsoft Edge browser version 127.0.6533.88/89 (Chromium-based) – ASEC
1 post – 1 participant
Overview
Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.
Affected Products
Microsoft Edge 127.0.6533.88/89 (Chromium-based) previous version
Resolved Vulnerabilities
Improper data validation in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to execute arbitrary code via crafted HTML (CVE-2024-7256)
Uninitialized Use in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-6990)
Vulnerability in the WebTransport feature in Microsoft Edge 127.0.6533.88/89 (Chromium-based) that allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-7255)
Vulnerability Patches
The following product-specific Vulnerability Patches were made available in the August 1, 2024 Update. Please download and install them using the Windows Update feature or by referring to the URLs in the product information below.
Microsoft Edge 127.0.6533.88/89 (Chromium-based) version
https://msrc.microsoft.com/update-guide/
Article Link: Security Update Advisory for Microsoft Edge browser version 127.0.6533.88/89 (Chromium-based) – ASEC
1 post – 1 participant
Read full topic