Update Your Microsoft Edge Browser
Components Affected
Versions prior to 91.0.864.59
Overview
Microsoft rolled out an update for the Edge browser to fix two security issues where one could allow an attacker to bypass security and perform arbitrary code execution.
Description
Universal cross-site scripting (UXSS) vulnerability (CVE-2021-34506) found in the Microsoft Edge browser which can be triggered when automatically translating web pages using the browser’s in-built feature called Microsoft translator.
A successful exploit of this vulnerability would allow an attacker to bypass security and execute arbitrary codes on the target system.
Impact
✻ Exposing sensitive information to unauthorized parties
✻ Execute of unwanted/malicious programs/codes
✻ Unauthorized access
Solution/ Workarounds
Update to the latest version of (91.0.864.59) Microsoft Edge browser by visiting Settings and more > About Microsoft Edge
Reference
Researcher gives low-down on serious UXSS flaw in Microsoft Edge
Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site
Disclaimer
The information provided herein is on an “as is” basis, without warranty of any kind.
-
The decision we make today on cyber security will determine the security of the society in which we live tomorrow.
Total Users : 228404Designed and Developed by Procons Infotech