Microsoft has recently rolled out important updates for its Edge browser, enhancing user security by addressing several vulnerabilities identified in the Chromium project. The updates include fixes for various bugs and performance issues, ensuring a more stable and efficient browsing experience.
The latest updates (versions 139.0.3405.102 for the Stable Channel and 138.0.3351.140 for the Extended Stable Channel) resolve multiple security issues, including:
- CVE-2025-8901: An out-of-bounds write vulnerability in ANGLE (engine used by browsers for rendering graphics), potentially allowing remote attackers to perform unauthorized memory access via crafted HTML pages.
- CVE-2025-8879: A heap buffer overflow in libaom, which could enable remote attackers to exploit heap corruption through specific gestures.
- CVE-2025-8880: A race condition in V8, allowing remote attackers to execute arbitrary code within a sandbox via crafted HTML pages.
- CVE-2025-8881: An inappropriate implementation in the File Picker, potentially leading to cross-origin data leaks when users engage in specific UI gestures.
- CVE-2025-8882: A use-after-free vulnerability in Aura, which could allow remote attackers to exploit heap corruption through specific UI interactions.
To ensure optimal security and performance, it’s advisable for all users to update their Microsoft Edge browsers to the latest versions promptly. Regular updates help protect against potential threats and provide access to the newest features and improvements for a secure and efficient browsing experience.
For a comprehensive list and more details on these updates and other recent changes, you can visit the Microsoft Edge release notes here.
Leave a Reply