Microsoft Edge (chromium-based) fixes one zero-day CVE-2021-30563 along with other vulnerabilities in its 91.0.864.71 update

Microsoft Edge (chromium-based) fixes one zero-day CVE-2021-30563 along with other vulnerabilities in its 91.0.864.71 update

Hello everyone,

 

Microsoft has released Edge (chromium-based) update 91.0.864.71. This update comes with fixes for several security vulnerabilities with one of them being an actively exploited zero-day vulnerability tracked as CVE-2021-30563. The details of the vulnerabilities fixed are as follows:


 CVE ID
 Vulnerability
 Severity
 CVE-2021-30563
 Type Confusion in V8
 High
 CVE-2021-30559
 Out of bounds write in ANGLE
 High
 CVE-2021-30541
 Use after free in V8
 High
 CVE-2021-30560
 Use after free in Blink XSLT
 High
 CVE-2021-30561
 Type Confusion in V8
 High
 CVE-2021-30562
 Use after free in WebSerial
 High
 CVE-2021-30564
 Heap buffer overflow in WebXR
 Medium

To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Desktop Central server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID
 Bulletin ID
 Patch Description
 320600
 TU-1035
 Microsoft Edge for chromium business (91.0.864.71)
 320601
 TU-1035
 Microsoft Edge for chromium business (x64) (91.0.864.71)

Cheers,

The ManageEngine Team