Overview

 

Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.

 

Affected Products

 

Microsoft Edge 127.0.6533.88/89 (Chromium-based) previous version

 

Resolved Vulnerabilities

 

Improper data validation in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to execute arbitrary code via crafted HTML (CVE-2024-7256)

Uninitialized Use in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-6990)

Vulnerability in the WebTransport feature in Microsoft Edge 127.0.6533.88/89 (Chromium-based) that allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-7255)

 

Vulnerability Patches

 

The following product-specific Vulnerability Patches were made available in the August 1, 2024 Update. Please download and install them using the Windows Update feature or by referring to the URLs in the product information below.

Microsoft Edge 127.0.6533.88/89 (Chromium-based) version

https://msrc.microsoft.com/update-guide/

Article Link: Security Update Advisory for Microsoft Edge browser version 127.0.6533.88/89 (Chromium-based) – ASEC

1 post – 1 participant

Read full topic

​Overview
 
Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.
 
Affected Products
 
Microsoft Edge 127.0.6533.88/89 (Chromium-based) previous version
 
Resolved Vulnerabilities
 
Improper data validation in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to execute arbitrary code via crafted HTML (CVE-2024-7256)
Uninitialized Use in Dawn in Microsoft Edge 127.0.6533.88/89 (Chromium-based) allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-6990)
Vulnerability in the WebTransport feature in Microsoft Edge 127.0.6533.88/89 (Chromium-based) that allows attackers to perform OOB Memory Access via crafted HTML (CVE-2024-7255)
 
Vulnerability Patches
 
The following product-specific Vulnerability Patches were made available in the August 1, 2024 Update. Please download and install them using the Windows Update feature or by referring to the URLs in the product information below.
Microsoft Edge 127.0.6533.88/89 (Chromium-based) version
https://msrc.microsoft.com/update-guide/
Article Link: Security Update Advisory for Microsoft Edge browser version 127.0.6533.88/89 (Chromium-based) – ASEC
1 post – 1 participant
Read full topic