Centre alarms Microsoft Edge users of possible ‘high’ level hack threat - Hindustan Times
close_game
close_game

Centre alarms Microsoft Edge users of possible ‘high’ level hack threat

By | Edited by Aryan Prakash
Sep 21, 2022 01:14 PM IST

The Indian Computer Emergency Response Team (CERT-IN) has issued the note cautioning flaws in Microsoft Edge that could allow a remote attacker to execute arbitrary code or cause denial of service conditions on the targeted system.

The Centre has alarmed the users of Microsoft Edge to be cautious and take precautionary steps against probable hack attacks on the platform. The Indian Computer Emergency Response Team (CERT-IN) has issued the advisory with a high severity rating on September 20 against multiple vulnerabilities reported in the web browser.

Designed and built by Microsoft, Microsoft Edge is a cross-platform web browser.(Microsoft Edge)
Designed and built by Microsoft, Microsoft Edge is a cross-platform web browser.(Microsoft Edge)

From time to time, CERT-IN issues advisory and vulnerability notes on its website. In the latest vulnerability note, the agency cautioned, “Multiple vulnerabilities have been reported in Microsoft Edge.” It added the flaws “could allow a remote attacker to execute arbitrary code or cause denial of service conditions on the targeted system.”

Hindustan Times - your fastest source for breaking news! Read now.

Which versions are affected and why?

CERT-IN has stated that the vulnerabilities are found in the software running on updates prior to 105.0.1343.42.

As per the report, these flaws exist in Google Chrome for Desktop because of Use-after-free (arising from the operation of dynamic memory allocation) in PDF and Frames. Along with this, the vulnerabilities also stem due to the Heap-based buffer overflow.

ALSO READ: Centre issues hacker warning for Google Chrome for desktop users

How would it influence the system ?

These vulnerabilities will give access to the system to the attacker, bypassing the security restrictions in place in the device. A remote hacker then could execute arbitrary code and launch a denial of service attack, making the system inaccessible to the original user.

The solution

Users should upgrade to the latest stable channel update available for Microsoft Edge browser.

CERT-IN is a statutory body under the Information Technology (Amendment) Act of 2008. This nodal agency under the Ministry of Electronics and Information Technology looks after computer security incidents, reports on susceptibilities, and advocates powerful IT security practices throughout the country. It reports bugs and cybersecurity threats, including hacking and phishing attacks.

Designed and built by Microsoft, Microsoft Edge is a cross-platform web browser. It was first included with Windows 10 and Xbox One in 2015, and it was later made available for other platforms, including Android and iOS in 2017, macOS and earlier versions of Windows in 2019, and Linux in 2020.

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away!- Login Now! Catch all the Latest Technology Mobile, Gadgets,Tech News from India and around the world
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Thursday, March 28, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On