Indian cyber agency finds multiple bugs in Microsoft Edge, alerts users

The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, has warned users of multiple vulnerabilities in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system.

The affected software includes Microsoft Edge Stable versions prior to 126.0.2592.81.

"Multiple vulnerabilities have been reported in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system," said the CERT-In advisory.

According to the cyber agency, these vulnerabilities exist in Microsoft Edge (Chromium-based) due to "Use-after-free in Dawn and Swiftshader". An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted webpage, it said.

"Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and compromise the targeted system," it added.

CERT-In advised users to apply appropriate security updates as mentioned by the company.