Two security updates for Edge & Chrome: BSI warns of exploitation


Microsoft released two security updates for the Edge web browser in quick succession. A handful of vulnerabilities are fixed that the Federal Office for Information Security warns about – the risk was classified as high in some cases.

The security gaps discovered at the beginning of May are mainly present in the Edge substructure, i.e. in the Chrome web browser. These are actively exploited vulnerabilities, so the risk is not just theoretical. Therefore, Chrome and Edge users should act urgently and download and install the updates if they have not set automatic updates.

The latest warning from the BSI refers to the security update issued by Google and only mentions the Edge update in passing. In addition to the vulnerabilities fixed by Google, Microsoft has had to fix two other Edge-specific security gaps in the last two updates.

That’s it: “A remote, anonymous attacker can exploit multiple vulnerabilities in Google Chrome to disclose information and bypass security measures.” The latest Edge version has the number 113.0.1774.35 and is already available in our WinFuture download center and can be downloaded at the end of this article.

According to the Federal Office for Information Security, the updates should be installed promptly so as not to expose yourself to an unnecessary risk. It is not yet known whether there are already known attacks on the vulnerabilities in Germany.

details following

Detailed information on the vulnerabilities listed under the CVE numbers will be gradually published in the security guide. In most cases, this only follows some time after the release. In the Google’s Chromium blog there is currently a list of the fixed vulnerabilities with initial further information. Google reports a total of 15 vulnerabilities reported by external security researchers. Most of the vulnerabilities have the risk classification “Medium”.

The latest version of the Edge update brings all the corresponding changes plus the correction of two other vulnerabilities. One of these is classified as “high” risk.

At Microsoft you can see the overview of the changes and in the Edge update history follow up. However, Microsoft is currently also brief: “Microsoft has released the latest Microsoft Edge Stable Channel (version 113.0.1774.35) which integrates the latest security updates from the Chromium project. This update contains the following Microsoft Edge-specific updates: CVE- 2023-29350, CVE-2023-29354.” There was also an update for the Extended Stable Channel with version 112.0.1722.71. This also fixes CVE-2023-29350 and CVE-2023-29354.

Download Microsoft Edge browser based on Chromium

Summary

  • Microsoft releases security updates for Edge: 17 vulnerabilities.
  • Update should be installed promptly to minimize risk.
  • Latest Edge versions 113.0.1774.35 + 112.0.1722.71
  • Google Chrome substructure affected, actively exploited vulnerabilities.
  • CVE numbers for vulnerabilities, info on the Chromium blog.
  • Edge specific updates: CVE-2023-29350, CVE-2023-29354.
  • BSI issues warning, some risk classified as high.

See also:


microsoft, browser, logo, edge, microsoft edge, spartan browser, project spartan, spartan, microsoft spartan, edge chromium, microsoft browser, edge browser, project spartan, microsoft edge insider, chromium edge, edge browser, edge extension, edge on Chromium base, Edge logo

Share This:

California18

Welcome to California18, your number one source for Breaking News from the World. We’re dedicated to giving you the very best of News.

Leave a Reply