Original Issue Date:July 25, 2022
Severity Rating: HIGH
Software Affected
Microsoft Edge Version prior to 103.0.1264.71
Overview
Multiple vulnerabilities have been reported in Microsoft Edge which could allow a remote attacker to bypass security restrictions and to execute arbitrary code or cause a denial-of-service (DoS) condition on the targeted system.
Description
These vulnerabilities exist in Chromium Open-Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based) due to Use after free in Guest View, Use after free in PDF, Use after free in Service Worker API, Use after free in Views and Insufficient validation of untrusted input in File. A remote attacker could exploit these vulnerabilities by sending specially crafted request on the targeted system.
Successful exploitation of these vulnerabilities could allow an attacker to bypass security restrictions and to execute arbitrary code or cause a denial-of-service (DoS) condition on the targeted system.
Solution
Apply appropriate software updates as mentioned in the below link:
https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security