Cert-In Flags Vulnerabilities in Microsoft Edge

MeitY’s Indian Computer Emergency Response Team (Cert-In) has flagged a few vulnerabilities in Microsoft’s Edge browser. The organisation has rated the vulnerabilities to be highly dangerous.

In its note, Cert-In has said that Microsoft Edge had multiple vulnerabilities that could allow a remote attacker to execute arbitrary code or cause denial of service condition on the targeted system.

Cert-In says the vulnerabilities affect Edge versions prior to 105.0.1343.42 and has given this a severity rating of ‘HIGH’.

“These vulnerabilities exist in Microsoft Edge due to out-of-bounds write error when processing untrusted HTML content, Heap-based buffer overflow, use-after-free error within the PDF component and use-after-free error within the Frames component,” mentioned Cert-In.

If exploited successfully, these vulnerabilities could allow a remote attacker to execute arbitrary code or cause denial of service condition on the targeted system.

Cert-In has recommended that Edge users incorporate the necessary updates to patch the vulnerabilities.

Microsoft Edge is the third most used internet browser today behind Chrome and Safari.