Microsoft Edge (Chromium-based) fixes several high-severity vulnerabilities in its 92.0.902.55 update
Hello everyone,
Microsoft Edge (Chromium-based) has been updated to 92.0.902.55 for Windows, macOS, and Linux. This update comes with fixes for several security vulnerabilities. The details of the vulnerabilities fixed are as follows:
| CVE ID | Vulnerability | Severity |
| CVE-2021-30565 | Out of bounds write in Tab Groups | High |
| CVE-2021-30566 | Stack buffer overflow in Printing | High |
| CVE-2021-30567 | Use after free in DevTools | High |
| CVE-2021-30568 | Heap buffer overflow in WebGL | High |
| CVE-2021-30569 | Use after free in sqlite | High |
| CVE-2021-30571 | Insufficient policy enforcement in DevTools | High |
| CVE-2021-30572 | Use after free in Autofill | High |
| CVE-2021-30573 | Use after free in GPU | High |
| CVE-2021-30574 | Use after free in protocol handling | High |
| CVE-2021-30575 | Out of bounds read in Autofill | Medium |
| CVE-2021-30576 | Use after free in DevTools | Medium |
| CVE-2021-30577 | Insufficient policy enforcement in Installer | Medium |
| CVE-2021-30578 | Uninitialized Use in Media | Medium |
| CVE-2021-30579 | Use after free in UI framework | Medium |
| CVE-2021-30580 | Insufficient policy enforcement in Android intents | Medium |
| CVE-2021-30581 | Use after free in DevTools | Medium |
| CVE-2021-30582 | Inappropriate implementation in Animation | Medium |
| CVE-2021-30583 | Insufficient policy enforcement in image handling on Windows | Medium |
| CVE-2021-30584 | Incorrect security UI in Downloads | Medium |
| CVE-2021-30585 | Use after free in sensor handling | Medium |
| CVE-2021-30586 | Use after free in dialog box handling on Windows | Medium |
| CVE-2021-30587 | Inappropriate implementation in Compositing on Windows | Medium |
| CVE-2021-30588 | Type Confusion in V8 | Low |
| CVE-2021-30589 | Insufficient validation of untrusted input in Sharing | Low |
| CVE-2021-36928 | Elevation of Privilege Vulnerability | Important |
| CVE-2021-36929 | Information Disclosure Vulnerability | Important |
| CVE-2021-36931 | Elevation of Privilege Vulnerability | Important |
To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.
| Patch ID | Bulletin ID | Patch Description |
| 320683 | TU-1035 | Microsoft Edge for chromium business (92.0.902.55) |
| 320684 | TU-1035 | Microsoft Edge for chromium business (x64) (92.0.902.55) |
Cheers,
The ManageEngine Team