Microsoft Edge Multiple Vulnerabilities
Last Update Date:
14 Mar 2025
Release Date:
13 Mar 2025
23815
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, data manipulation and sensitive information disclosure on the targeted system.
Note:
- CVE-2025-24201 is being exploited in the wild, which have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2. Hence, the risk level is rated as High Risk.
- Microsoft has released another updated version of Microsoft Edge Stable Channel (Version 134.0.3124.68) on 13 Mar 2025. Users updating to this version could also fix the vulnerabilities.
[Updated on 2025-03-14]
Updated Description and Related Links.
Impact
- Remote Code Execution
- Denial of Service
- Data Manipulation
- Information Disclosure
System / Technologies affected
- Microsoft Edge Stable Channel version prior to 134.0.3124.66
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to Microsoft Edge Stable Channel version 134.0.3124.66 or later
Vulnerability Identifier
Source
Related Link
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#march-13-2025
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-1920
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2135
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2136
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2137
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24201
- https://support.apple.com/en-us/122285
- https://www.cisa.gov/news-events/alerts/2025/03/13/cisa-adds-two-known-exploited-vulnerabilities-catalog
Related Tags
Share with