Hello everyone,
Microsoft has released security updates for Microsoft Edge for business 87.0.664.41. This update fixes about 19 vulnerabilities, the details of which are as follows:CVE ID | Vulnerability | Severity |
CVE-2020-16012 | Side-channel information leakage in graphics | Low |
CVE-2020-16014 | Use after free in PPAPI | High |
CVE-2020-16015 | Insufficient data validation in WASM | High |
CVE-2020-16018 | Use after free in payments | High |
CVE-2020-16022 | Insufficient policy enforcement in networking | High |
CVE-2020-16023 | Use after free in WebCodecs | High |
CVE-2020-16024 | Heap buffer overflow in UI | High |
CVE-2020-16025 | Heap buffer overflow in clipboard | High |
CVE-2020-16026 | Use after free in WebRTC | Medium |
CVE-2020-16027 | Insufficient policy enforcement in developer tools | Medium |
CVE-2020-16028 | Heap buffer overflow in WebRTC | Medium |
CVE-2020-16029 | Inappropriate implementation in PDFium | Medium |
CVE-2020-16030 | Insufficient data validation in Blink | Medium |
CVE-2019-8075 | Insufficient data validation in Flash | Medium |
CVE-2020-16031 | Incorrect security UI in tab preview | Medium |
CVE-2020-16032 | Incorrect security UI in sharing | Medium |
CVE-2020-16033 | Incorrect security UI in WebUSB | Medium |
CVE-2020-16034 | Inappropriate implementation in WebRTC | Medium |
CVE-2020-16036 | Inappropriate implementation in cookies | Low |
The updates can be deployed using Patch Manager Plus. Initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once synced, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.
Patch ID | Bulletin ID | Patch Description |
317124 | TU-1035 | Microsoft Edge for chromium business (87.0.664.41) |
317089 | TU-1035 | Microsoft Edge for chromium business (x64) (87.0.664.41) |
Cheers,
The ManageEngine team