The Edge browser, which debuted in Windows 10, contains a critical vulnerability. Microsoft released an update for the leak yesterday. It’s the second time the software giant releases a security update for the Edge browser.
The new browser also doesn’t succeed in making web browsing more secure. The new critical vulnerability makes it possible for attackers to execute code remotely and gain full control over the victim’s computer. Cybercriminals can exploit the leak by e.g. hiding malware in infected web pages that are visited by Edge users.
The update is cumulative, which means also earlier released patches are included. The update also patches all versions of Internet Explorer.
According to Tripwire researcher Craig Young the new patch, including that of August, could mean that Edge and Internet Explorer share libraries.
“Looking at the four Edge vulnerabilities patched in August and the four memory corruption bugs addressed today, it is apparent that Edge and IE are at least sharing some libraries, if not more substantial components of the web rendering engine,” he said.