Microsoft Edge (Chromium-based) fixes several high-severity vulnerabilities in its 92.0.902.55 update

Microsoft Edge (Chromium-based) fixes several high-severity vulnerabilities in its 92.0.902.55 update

Hello everyone,

 

Microsoft Edge (Chromium-based) has been updated to 92.0.902.55 for Windows, macOS, and Linux. This update comes with fixes for several security vulnerabilities. The details of the vulnerabilities fixed are as follows:

 CVE ID Vulnerability Severity
 CVE-2021-30565 Out of bounds write in Tab Groups High
 CVE-2021-30566 Stack buffer overflow in Printing High
 CVE-2021-30567 Use after free in DevTools High
 CVE-2021-30568 Heap buffer overflow in WebGL High
 CVE-2021-30569 Use after free in sqlite High
 CVE-2021-30571 Insufficient policy enforcement in DevTools High
 CVE-2021-30572 Use after free in Autofill High
 CVE-2021-30573 Use after free in GPU High
 CVE-2021-30574 Use after free in protocol handling High
 CVE-2021-30575 Out of bounds read in Autofill Medium
 CVE-2021-30576 Use after free in DevTools Medium
 CVE-2021-30577 Insufficient policy enforcement in Installer Medium
 CVE-2021-30578 Uninitialized Use in Media Medium
 CVE-2021-30579 Use after free in UI framework Medium
 CVE-2021-30580 Insufficient policy enforcement in Android intents Medium
 CVE-2021-30581 Use after free in DevTools  Medium
 CVE-2021-30582 Inappropriate implementation in Animation Medium
 CVE-2021-30583 Insufficient policy enforcement in image handling on Windows Medium
 CVE-2021-30584 Incorrect security UI in Downloads Medium
 CVE-2021-30585 Use after free in sensor handling Medium
 CVE-2021-30586 Use after free in dialog box handling on Windows Medium
 CVE-2021-30587 Inappropriate implementation in Compositing on Windows Medium
 CVE-2021-30588 Type Confusion in V8 Low
 CVE-2021-30589 Insufficient validation of untrusted input in Sharing Low
 CVE-2021-36928 Elevation of Privilege Vulnerability Important
 CVE-2021-36929 Information Disclosure Vulnerability Important
 CVE-2021-36931 Elevation of Privilege Vulnerability Important

To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID Bulletin ID Patch Description
 320683 TU-1035 Microsoft Edge for chromium business (92.0.902.55)
 320684 TU-1035 Microsoft Edge for chromium business (x64) (92.0.902.55)

Cheers,

The ManageEngine Team