Install this update immediately. Every moment of delay is a risk
If you use Microsoft Edge on your computer, download the update as soon as possible. The browser is vulnerable to attacks.
Microsoft has released two important security updates for its Microsoft Edge browser. The first one was delivered to users on May 2, 2024. The second one, marked 124.0.2478.97, has just appeared on the servers. Be sure to make sure you already have the latest version of your browser.
The vulnerability was exploited in attacks
Microsoft reports that the update patches a browser security vulnerability. The matter is serious because cybercriminals know about the vulnerability and use it in attacks.
On May 2, Microsoft patched the vulnerability, which was marked as CVE-2024-4671. It was discovered by the team that develops the Chromium engine, which is used by Microsoft Edge and several other popular browsers. Susceptibility allowed a specially crafted website to destroy the stack in memory.
In the last update, the CVE-2024-30055 vulnerability was fixed, allowing data extraction from the browser. Attackers must prepare a special, malicious link for this purpose. It will look normal – for example, it will promise something for free – but will redirect to a malicious website and will reveal various information. Microsoft emphasizes that this is not critical data, but it is better not to share anything with cybercriminals.
The new version of Microsoft Edge is now available in the Stable Channel and the Extender Stable Channel for enterprise customers.
