Skip to main content

Microsoft Edge Multiple Vulnerabilities

Release Date: 3 Oct 2023 4698 Views

RISK: Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Microsoft Edge.  A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and security restriction bypass on the targeted system.

 

Note:

CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx. Google is aware that an exploit for CVE-2023-5217 exists in the wild.


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Microsoft Edge (Stable) prior to 117.0.2045.47
  • Microsoft Edge (Extended Stable) prior to 116.0.1938.98
 

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to Microsoft Edge (Stable) version 117.0.2045.47 or later
  • Update to Microsoft Edge (Extended Stable) version 116.0.1938.98 or later

Vulnerability Identifier


Source


Related Link