Chromium Security Updates for Microsoft Edge (Chromium-Based)
Hello All,
Microsoft has released a security advisory for Chromium-based Microsoft Edge that fixes several vulnerabilities. Below you can find the detailed information:
Microsoft Edge version - 87.0.664.75
Based on Chromium version - 87.0.4280.141
CVE IDs | Vulnerability Description | Severity |
| CVE-2021-21106 | Use after free in autofill | High |
| CVE-2021-21107 | Use after free in drag and drop | High |
| CVE-2021-21108 | Use after free in media | High |
| CVE-2021-21109 | Use after free in payments | High |
| CVE-2021-21110 | Use after free in safe browsing | High |
| CVE-2021-21111 | Insufficient policy enforcement in WebUI | High |
| CVE-2021-21112 | Use after free in Blink | High |
| CVE-2021-21113 | Heap buffer overflow in Skia | High |
| CVE-2021-21114 | Use after free in audio | High |
| CVE-2021-21115 | Use after free in safe browsing | High |
| CVE-2021-21116 | Heap buffer overflow in audio | Medium |
| CVE-2021-16043 | Insufficient data validation in networking | High |
| CVE-2021-15995 | Out of bounds write in V8 | High |
To patch these vulnerabilities, initiate a synchronization between the Desktop Central server and the Central Patch Repository. Search for the following Patch IDs or Bulletin IDs and install them in your target machines. You can read the detailed security advisory here.
Patch ID | Bulletin ID | Patch description |
| 317816 | TU-0135 | Microsoft Edge for chromium business (87.0.664.75) |
| 317817 | TU-0135 | Microsoft Edge for chromium business (x64) (87.0.664.75) |
Cheers,
Team ManageEngine