Microsoft Edge (Chromium-based) update fixes several high-severity vulnerabilities

Microsoft Edge (Chromium-based) update fixes several high-severity vulnerabilities

Hello everyone,

 

Microsoft Edge (Chromium-based) has been updated and the update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities fixed are as follows:

 CVE ID
 Vulnerability
 Severity
 CVE-2021-30521
 Heap buffer overflow in Autofill
 High
 CVE-2021-30522
 Use after free in WebAudio
 High
 CVE-2021-30523
 Use after free in WebRTC
 High
 CVE-2021-30524
 Use after free in TabStrip
 High
 CVE-2021-30525
 Use after free in TabGroups
 High
 CVE-2021-30526
 Out of bounds write in TabStrip
 High
 CVE-2021-30527
 Use after free in WebUI
 High
 CVE-2021-30528
 Use after free in WebAuthentication
 High
 CVE-2021-30529
 Use after free in Bookmarks
 Medium
 CVE-2021-30530
 Out of bounds memory access in WebAudio
 Medium
 CVE-2021-30531
 Insufficient policy enforcement in Content Security Policy
 Medium
 CVE-2021-30532
 Insufficient policy enforcement in Content Security Policy
 Medium
 CVE-2021-30533
 Insufficient policy enforcement in PopupBlocker
 Medium
 CVE-2021-30534
 Insufficient policy enforcement in iFrameSandbox
 Medium
 CVE-2021-30535
 Double free in ICU
 Medium
 CVE-2021-30536
 Out of bounds read in V8
 Low
 CVE-2021-30537
 Insufficient policy enforcement in cookies
 Low
 CVE-2021-30538
 Insufficient policy enforcement in content security policy
 Low
 CVE-2021-30539
 Insufficient policy enforcement in content security policy
 Low
 CVE-2021-30540
 Incorrect security UI in payments
 Low
 CVE-2021-31982
 Security feature bypass vulnerability
 Medium
CVE-2021-31937
 Elevation of privilege vulnerability
 Medium

To install these updates using Vulnerability Manager Plus, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID
 Bulletin ID
 Patch Description
 319805
 TU-1035 
 Microsoft Edge for chromium business (91.0.864.37)
 319806
 TU-1035  Microsoft Edge for chromium business (x64) (91.0.864.37)

Cheers,

The ManageEngine Team