Microsoft fixes several high-severity security vulnerabilities in Edge for Business (chromium) 96.0.1054.53 update
Hello everyone,
Microsoft Edge for Business (chromium) has been updated to 96.0.1054.53 for Windows, macOS, and Linux. The details of the vulnerabilities fixed are as follows:
| CVE ID | Vulnerability | Severity |
| CVE-2021-4052 | Use after free in web apps | High |
| CVE-2021-4053 | Use after free in UI | High |
| CVE-2021-4054 | Incorrect security UI in autofill | High |
| CVE-2021-4055 | Heap buffer overflow in extensions | High |
| CVE-2021-4056 | Type Confusion in loader | High |
| CVE-2021-4057 | Use after free in file API | High |
| CVE-2021-4058 | Heap buffer overflow in ANGLE | High |
| CVE-2021-4059 | Insufficient data validation in loader | High |
| CVE-2021-4061 | Type Confusion in V8 | High |
| CVE-2021-4062 | Heap buffer overflow in BFCache | High |
| CVE-2021-4063 | Use after free in developer tools | High |
| CVE-2021-4064 | Use after free in screen capture | High |
| CVE-2021-4065 | Use after free in autofill | High |
| CVE-2021-4066 | Integer underflow in ANGLE | High |
| CVE-2021-4067 | Use after free in window manager | High |
| CVE-2021-4068 | Insufficient validation of untrusted input in new tab page | Low |
| CVE-2021-4078 | Type confusion in V8 | High |
| CVE-2021-4079 | Out of bounds write in WebRTC | High |
To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Desktop Central server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.
| Patch ID | Bulletin ID | Patch Description |
| 322786 | TU-1035 | Microsoft Edge for chromium business (96.0.1054.53) |
| 322787 | TU-1035 | Microsoft Edge for chromium business (x64) (96.0.1054.53) |
Cheers,
The ManageEngine Team