Indian cyber security agency finds multiple bugs in Microsoft Edge, urges users to update the app

Microsoft Edge

The Ministry of Electronics & Information Technology via its Indian Computer Emergency Response Team (CERT-In) has warned Microsoft Edge users about its multiple vulnerabilities, which could allow hackers or cyber attackers to gain access to your systems. Further, the Ministry has informed that the vulnerabilities are present in the Microsoft Edge Stable versions before its 125.0.2535.85 version.

CERT-In through its advisory has stated, “Multiple vulnerabilities have been reported in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system.” The agency has added that an attacker could take advantage of these vulnerabilities by tricking a Microsoft Edge user into opening a malicious file that could gain access to your PC.

Therefore, CERT-In has advised Edge users to install appropriate security updates as recommended by Microsoft to stay away from such phishing attacks. The agency has also informed that these vulnerabilities in the Edge browser are caused by 'out of bounds' memory access in keyboard inputs, heap buffer overflow in WebRTC, use after free in dawn, media session, and presentation API.

Previously, CERT-In also found multiple security flaws in Android that allow attackers to gain sensitive information because of flaws in Framework, System, Google Play system updates, Kernel, Arm components, MediaTek components, Imagination Technologies, and Qualcomm closed-source components.

Meanwhile, Cybersecurity researchers have discovered a potential data leak of at least 1 lakh Facebook users. The leaked data, which includes full names, profiles, emails, phone numbers, and locations, appeared on a data breach forum, compromising the personal details of these users to malware or phishing attacks.