The Indian Computer Emergency Response Team (CERT-In) under the IT ministry has issued a high severity warning for Microsoft Edge browser users. The warning is for the users who are using the browser’s version prior to 98.0.1108.43. As per the warning, multiple vulnerabilities have been reported in Edge browser which could allow a remote attacker to bypass security restrictions, execute arbitrary code and gain escalated privileges on the targeted system.
The advisory further reveals that “these vulnerabilities exist in Edge due to improper input validation. A remote attacker can exploit this vulnerability by enticing a victim to open a specially crafted file.” Successful exploitation of this vulnerability could allow a remote attacker to bypass security restrictions, gain escalation of privileges, and execute arbitrary code on the targeted system.
What users can do to stay safe
To avoid any exploitation, the CERT-In wants Edge browser users to update to version 98.0.1108.43. The version was rolled out by the tech giant last week and it incorporates the latest Security Updates of the Chromium project.
The Edge version 98 comes with few improvements and new features. With the latest update, the tech giant has added Enhance Security Mode where browser security takes priority, giving users an extra layer of protection when browsing the web. Administrators can apply group policies to end-user desktops (Windows, macOS, and Linux) to help protect against in-the-wild exploits (also referred to 0-days).
The flagship feature of the latest version is the Edge Bar. It is a floating widget that will male it easier for you to visit your favorite websites right from the desktop. By default, the Edge Bar is pinned on the right side of the screen.
With the update, Microsoft has also added Windows 11-style overlay scrollbars to the browser. The company has been testing this edition for a while now. The feature is currently under a flag and can be enabled by going in edge://flags.
,