Microsoft Edge for Chromium business fixes 2 zero-day vulnerabilities in its 94.0.992.38 update

Microsoft Edge for Chromium business fixes 2 zero-day vulnerabilities in its 94.0.992.38 update

Hello everyone,

 

Microsoft Edge for Chromium business has been updated to 94.0.992.38 for Windows, macOS, and Linux. This update comes with fixes for few security vulnerabilities out of which two, CVE-2021-37975 and CVE-2021-37976, are being exploited in the wild. The details of the vulnerabilities fixed are as follows:

 CVE ID Vulnerability Severity
 CVE-2021-37974 Use after free in Safe Browsing High
 CVE-2021-37975 Use after free in V8 High
 CVE-2021-37976 Information leak in core Medium

To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID Bulletin ID Patch Description
 321692 TU-1035 Microsoft Edge for chromium business (94.0.992.38)
 321693 TU-1035 Microsoft Edge for chromium business (x64) (94.0.992.38)

Cheers,

The ManageEngine Team