The Computer Emergency Response Team India (CERT-In) of the IT Ministry has issued a high severity warning for Microsoft Edge browser users. The warning is for users who are using a browser version earlier than 100.0.1185.44. According to the warning, multiple vulnerabilities have been reported in Edge browser that could allow a remote attacker to compromise the targeted system.
“These vulnerabilities exist in Edge due to elevation of privilege, type confusion in V8, use-after-availability in tab groups, use-after-availability in storage, use-after-availability in regular expressions, insufficient policy enforcement in developer tools, use-after-availability in BFCache, Improper implementation in full screen and Improper implementation in composition”, we read in the notice.
An attacker could exploit these vulnerabilities by tricking a victim into opening a specially crafted file. Successful exploitation of these vulnerabilities could allow an attacker to compromise the targeted system.
To prevent exploitation, CERT-In wants Edge browser users to update to version 100.0.1185.44. The version was rolled out by the tech giant last week and incorporates the latest security updates from the Chromium project.
Earlier this month, Microsoft has overtaken one of its main rivals, Apple, when it comes to desktop browsers. According to a report by web analytics service StatCounter, the Microsoft Edge browser is now the second most used desktop web browser in the world, after Google Chrome.
According to the report, Microsoft Edge is now used on 9.65% of desktops worldwide, just ahead of Apple’s Safari with a market share of 9.57%. The data also reveals that Google Chrome still holds the largest market share with 67.26% of users. Edge has seen significant growth since the launch of the new Windows operating system.