web analytics
Home » Technology » Microsoft » Critical security update for Edge browser started, BSI warns of vulnerabilities

Critical security update for Edge browser started, BSI warns of vulnerabilities

Microsoft has released a security update for the Edge browser labeled “Early Security Release”. It fixes a number of weaknesses that the BürgerCERT from the Federal Office for Information Security is warning of. Google recently addressed the vulnerabilities with a Chromium update. However, details are not yet known – just this much:

In addition to the security update for Chromium, five Edge-specific security gaps have been closed for Edge and there is a critical security gap in both browsers. If you use the new Microsoft Edge, you will simply get the update as an auto-update. This also applies to Google Chrome. The latest Edge version has the number 97.0.1072.55 and is already available from us in the WinFuture download center and can be downloaded at the end of this article.

According to the Federal Office for Information Security, the updates should be installed urgently: “Microsoft has fixed several vulnerabilities in the Edge browser. These allow an attacker to disclose confidential information, circumvent security measures, cause a program crash, present false information, and execute malicious code.

To do this, it is sufficient to call up a maliciously designed website or click on a corresponding link. ” The BSI has classified the security gap at risk level 3. It is not known whether there are known exploits of the vulnerabilities. Little is known about the individual changes for Edge either – this is due to the fact that Microsoft does not include any detailed release notes apart from the notifications for the individual security-related changes.

By doing Security Update Guide you can currently not even find all CVE entries for the security holes that have been fixed. See an overview on Google and see the CVE articles in the Edge update history follow-up. Microsoft has so far only said about the update: “Microsoft has released the latest Microsoft Edge Stable Channel (version 97.0.1072.55), which includes the latest security updates from the Chromium project. For more information, see the Security update instructions. This update contains the following Microsoft Edge-specific updates: CVE-2022-21954, CVE-2022-21929, CVE-2022-21930, CVE-2022-21931, CVE-2022-21970.”

details follow after the release

The information on the vulnerabilities listed under the CVE numbers will be gradually published in the security guide cited. This usually only follows sometime after the release. in the Google Chromium Blog there is currently only a list of the fixed vulnerabilities without further information. Google reports a total of 37 (!) Security holes that were reported by external security researchers.