CERT-In Issues Warning for Microsoft Edge Users: How to Stay Safe

The Indian government has issued a high-severity warning to Microsoft Edge users, urging them to update their browsers immediately. This warning follows the discovery of multiple vulnerabilities in Microsoft Edge that could allow remote attackers to execute arbitrary code on users' systems.

Microsoft Edge, one of the most widely used web browsers worldwide, holds a significant market share, especially among Windows users. As more of our daily activities move online, we increasingly share sensitive personal information like banking details, birthdates, and locations through our browsers. Microsoft regularly releases security updates for Edge to protect users, but many users opt to stick with older versions out of convenience. However, using outdated browser versions can leave you vulnerable to attacks.

The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has highlighted that these vulnerabilities are present in versions of Microsoft Edge before 128.0.2739.42. The risks stem from issues such as "Use after free" in passwords and autofill, inappropriate implementations in various components like V8, Permissions, and Extensions, and other severe flaws like heap buffer overflow and insufficient data validation.

Attackers can exploit these vulnerabilities by tricking users into visiting specially crafted web pages, potentially gaining unauthorized access to the victim's system and data. Given the severity of these vulnerabilities, CERT-In strongly advises all Edge users to update their browsers to the latest version immediately.

How to Stay Safe

Always ensure your browser is updated with the latest security patches to stay safe. Microsoft provides regular updates to address such vulnerabilities, and keeping your browser current is one of the best ways to protect your personal information from cyber threats.