Jump to content
  • Microsoft fixes another exploited Chromium security vulnerability in the latest Edge update


    Karlston

    • 654 views
    • 2 minutes
     Share


    • 654 views
    • 2 minutes

    Just a few days after patching another set of security vulnerabilities in its browser, Microsoft released another update with the same goal. This time, version 124.0.2478.105 addresses a single Chromium vulnerability. Since it was reported as one exploited in the wild (which means bad actors are already using it to harm users), you better update your Microsoft Edge copy as fast as possible. Here are the details:

     

    Version 124.0.2478.105: May 14, 2024

     

    This update to Stable channel (and Extended Stable channel) contains a fix for CVE-2024-4761, which has been reported by the Chromium team as having an exploit in the wild. For more information, see the Security Update Guide.

    According to the CVE website, CVE-2024-4761 is a high-severity V8 vulnerability in Chromium that allowed a remote attacker to perform an out-of-bounds memory write using a specifically crafted HTML page. The vulnerability affects browser versions prior to 124.0.6367.207. Google keeps the details about CVE-2024-4761 under wraps until more users download and install the necessary fixes.

     

    Like other modern browsers, Microsoft Edge updates itself automatically in the background. However, you can force-install the latest update by navigating to Menu > Help and Feedback > About Microsoft Edge or edge://settings/help. Chrome has also received the same security update, so you can get it as well if you prefer Google's browser over Microsoft's.

     

    You can also check out this and this article to learn more about Microsoft Edge's recent security updates and patched vulnerabilities (both Chromium-related and exclusive to Microsoft Edge).

     

    In other Edge news, Microsoft has just updated its official documentation to mention that Edge 126, which is expected next month, is dropping support for computers powered by CPUs without the SSE3 instruction set. But do not panic—you need a very old PC to be affected by the change since SSE3 debuted two decades ago.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...