Microsoft Edge (Stable Channel) Updates

Topic

New Reply

Version 109.0.1518.78: February 2, 2023

Fixed various bugs and performance issues.
Incorporates the latest Security Updates of the Chromium project.
This update contains the following Microsoft Edge-specific update: CVE-2023-21720

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

3 users thanked author for this post.

Microfix, geekdom, CraigS26

Reply | Quote

Replies

might be the last 109 update before MS decides to release the 110 version next week in the stable channel, which of course v110 will require at least Win10

Reply | Quote

Version 110.0.1587.41: February 9, 2023

Feature updates
New Immersive Reader policies.
Enabling sync for Azure Active Directory signed in customers.
Drop: … a simple way to send files and notes across all your signed in mobile and desktop devices.
Policy updates: New policies … Obsoleted policies …

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-21794
CVE-2023-23374

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

Reply | Quote

Version 110.0.1587.46: February 14, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

Reply | Quote

Version 110.0.1587.49: February 16, 2023

Fixed various bugs and performance issues

Release notes for Microsoft Edge Stable Channel

Reply | Quote

Microsoft Edge updates are occurring at a rapid rate. There’s release information in the links, but most is vague. What bugs? What performance issues? Microsoft isn’t providing information.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

geekdom wrote:

Microsoft Edge updates are occurring at a rapid rate

Microsoft Edge updates are occurring at Chrome’s update speed.

Reply | Quote

And all along, I thought it was Chromium determined update speed…
then Google Chrome with other derivatives following on soon after in no regular order of browser (proprietary update/ security update dependant which fluctuates over different browser updates)

If debian is good enough for NASA...

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 110.0.1587.50: February 17, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

Reply | Quote

Version 110.0.1587.56: February 23, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

… now up to Version 110.0.1587.57

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 110.0.1587.63: March 3, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 110.0.1587.69: March 09, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Not very forthcoming with technical details are they. However, good to know bugs and performance measures are improving along with preparation for Adobe bloatware 🙂

If debian is good enough for NASA...

Reply | Quote

Version 111.0.1661.41: March 13, 2023

Incorporates the latest Security Updates of the Chromium project.

Feature update

A New Microsoft Edge Sidebar. In this release, the Sidebar introduces several new features and improvements aimed at enhancing productivity, convenience, and the user experience. Here are some of the highlights:
…

Admins retain the ability to control and customize the Sidebar and its experiences, as needed by using the following settings:
…

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

dgc-art, Alex5723

Reply | Quote

Version 111.0.1661.41: March 13, 2023

If like me, you want to get rid of the Bing button/sidebar feature that came with this update, here are the instructions from AskVG:

Disable or Remove Bing Chat Button or Icon from Microsoft Edge Toolbar – AskVG

Just make sure ‘Startup Boost’ is switched off via ‘System and Performance’ settings in Edge and that ‘Continue running background extensions and apps when Microsoft Edge is closed’, is disabled for this fix to work.

Reply | Quote

UPDATE: Microsoft has added a built-in option to show/hide Bing icon in Microsoft Edge. Check out following article to learn more about the new method:

[Tip] New Easy Method to Remove Bing Discover Icon in Microsoft Edge

Reply | Quote

Version 111.0.1661.43: March 15, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

dgc-art wrote:

If like me, you want to get rid of the Bing button/sidebar feature that came with this update

Microsoft caves in, adds Edge setting to disable the Bing button

Microsoft has updated Microsoft Edge Canary today with a new option to turn off the Bing icon in the browser. The company launched the Bing icon in Microsoft Edge 111 and has received criticism for the way it has implemented it. The actual name of the feature is Discover.

Users criticized Microsoft for making the Bing button activate the sidebar on hover. Since it is placed next to the main menu button, accidental activations are common. To make matters worse, Microsoft did not add an option to Edge to turn the functionality off….

2 users thanked author for this post.

b, dgc-art

Reply | Quote

Version 111.0.1661.44: March 16, 2023

Feature update

New Microsoft Edge PDF experience policy. As part of the Adobe and Microsoft collaboration to re-envision the future workplace and your digital experiences, we are natively embedding the Adobe Acrobat PDF engine into the Microsoft Edge built-in PDF reader, with a release scheduled in March 2023. Administrators can start testing the new Microsoft Edge PDF reader which is powered by the Adobe Acrobat PDF engine by enabling the NewPDFReaderEnabled policy. For more information, see Microsoft Edge and Adobe partner to improve the PDF experience.

Policy updates

New policies

ShowAcrobatSubscriptionButton – Shows button on native PDF viewer in Microsoft Edge that allows users to sign up for Adobe Acrobat subscription
NewPDFReaderEnabled – Microsoft Edge built-in PDF reader powered by Adobe Acrobat enabled

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 111.0.1661.51: March 21, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

Reply | Quote

Version 111.0.1661.54: March 24, 2023

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-28286
CVE-2023-28261

Feature update: Microsoft Edge Sidebar Improvements.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

Reply | Quote

https://www.askwoody.com/forums/topic/disable-bing-sidebar-using-gpo/#post-2546455

Reply | Quote

You may disable the “Discover” button in the Edge settings with this latest update.

Go to Edge Settings | Sidebar | App specific settings | Discover. Then disable the button.

This works for Home users as you don’t have to use Gpedit or a policy.

--Joe

Reply | Quote

joep517 wrote:

You may disable the “Discover” button in the Edge settings with this latest update.

That exactly what’s shown in my post 🙂

Reply | Quote

Version 111.0.1661.62: March 30, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 112.0.1722.34: April 6, 2023

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-28284
CVE-2023-24935
CVE-2023-28301

Feature update

Enhanced security mode improvements.
Added features for web app policy.
In-browser JSON viewer.
Updated new tab page policy.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Release notes for this version should have included a new Edit image feature:

Edit and save web images in Microsoft Edge. You can right click on the desired web image and without leaving your browser window, crop, adjust lighting and color, and add filters. From there, you can save the edited image for later use. You can also start editing simply by hovering over an image and selecting edit image from the menu.

Now added

Reply | Quote

Version 112.0.1722.39: April 10, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 112.0.1722.48: April 14, 2023

Important

This update … contains a fix for CVE-2023-2033, which has been reported by the Chromium team as having an exploit in the wild.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

[Version 112.0.1722.46: April 13, 2023 — Fixed various bugs and performance issues.]

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 112.0.1722.58: April 21, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

April 24, 2023
Edge Version 109.0.1518.100:
Ref: https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel

This update was done for our M109 Windows down-level extended support. We’re shipping 109 to Win 7, 8, and 8.1 (including Server 2012 R2 which is based on Win 8.1)…

If debian is good enough for NASA...

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

I find it very interesting that Microsoft issued this Edge security update for Win7, 8, 8.1, Server 2012 & Server 2012 R2 while the new Goggle Chrome update (109.0.5414.141) indicates it only applies to Server 2012 & Server 2012 R2.

I guess Goggle intends to leave us Win 7, 8 and 8.1 uses “hanging in the breeze” as far as protection against these two actively exploited in the wild CVE’s are concerned.

NOT GOOD!

1 user thanked author for this post.

Microfix

Reply | Quote

Ref: Edge Version 109.0.1518.100
Win Server 2012 R2 is the only OS that’s still in Extended MSFT support without ESU until the 10th October 2023. (hence the only mention)
I’d suspect these updates are backported from MSFT for target systems mentioned in several ESU editions and Win 2012 R2.

If debian is good enough for NASA...

Reply | Quote

After a bit of sleuthing on the internet, I discovered a powershell script written by shawnkhall called ChromeDownloader.ps1 that lets you download the latest version of any Google Chrome build!

Using it I located and downloaded the new April 20 Google Chrome update for Server 2012 (the version MS issued for Win7 also applied to Server 2012) and it worked to update my Win 7 Chrome 109.0.5414.75 to 109.0.5414.141.

So my Win7 Chrome is now “fully protected” with the latest security updates.

To save others the trouble of using the script to locate the download links, here they are:

• Chrome 109.0.5414.141 32-bit

• Chrome 109.0.5414.141 64-bit

Note: the downloads come directly from Google’s google.com/dl/release2/chrome server and, like the MS update, should also apply for Win8 & Win8.1

Reply | Quote

Version 112.0.1722.64: April 27, 2023

Fixed various bugs and performance issues

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Alex5723, Just another Forum Poster

Reply | Quote

That’s what I got on my desktop after updating and closing Edge.

Reply | Quote

Version 112.0.1722.68: May 1, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 113.0.1774.35: May 5, 2023

Feature update
Improvements to enhanced security mode.
Switch from Microsoft Autoupdate to EdgeUpdater for macOS.
New policy for PDF View Settings.
Updated Microsoft Root Store policy.

Policy updates
New policies

Incorporates the latest Security Updates of the Chromium project.
This update contains the following Microsoft Edge-specific updates:
CVE-2023-29350
CVE-2023-29354

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Alex5723, Just another Forum Poster

Reply | Quote

Version 113.0.1774.42: May 11, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Edge release notes are very informative (compared to Chrome,..)

Reply | Quote

Version 113.0.1774.50: May 18, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 113.0.1774.57: May 25, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.37: June 2, 2023

Fixed various bugs and performance issues.

One new feature (Edge Workspaces) and several new policies.

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-29345
CVE-2023-33143

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.41: June 6, 2023

Fixed various bugs and performance issues.

Important:

This update to Stable contains a fix for CVE-2023-3079, which has been reported by the Chromium team as having an exploit in the wild.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.43: June 8, 2023

Fixed various bugs and performance issues

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.51: June 15, 2023

Fixed various bugs and performance issues

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.55: June 19, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

It appears update 114.0.1823.55 for Edge is no longer available.

It’s also not available from the “official” Edge download page.

Looks like MS pulled it for some reason.

1 user thanked author for this post.

Alex5723

Reply | Quote

Edge 114.0.1823.55 appears to have been “pulled” by MS, according to this blog (maybe due to having more unexpected problems than the 114.0.1823.51 version):
https://borncity.com/win/2023/06/21/edge-114-0-1823-55-pulled-web-view2-runtime-at-version-114-0-1823-55/

heck, even WSUS users are no longer seeing the 114.0.1823.55 version

1 user thanked author for this post.

Alex5723

Reply | Quote

I am on .55 how do I revert to previous version ?

Reply | Quote

forget about reverting, Alex5723.

update Edge to 114.0.1823.58 instead, which just came out to fix the problems found in the .55 build.

Reply | Quote

There are two different ways to do this.

1st option:

If your Group Policy includes Microsoft Edge Update > Applications > Microsoft Edge

Enable Target version override and enter 114.0.1823.51 as the version you want to roll back to.

Enable the Rollback to target version option.

Enable the Update policy override and select one of the following options

Always allow updates
Automatic silent updates only

Click OK to save the policy settings.

The rollback will happen the next time Microsoft Edge Update checks for an update. If you want the update to happen sooner, open Edge and select ⋯ > Help and feedback > About to “force” an update check.

2nd option:

Follow the instruction at How to Downgrade Microsoft Edge Version on Windows PC to uninstall Edge which will automatically revert it back to the previous version.

Note: C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.55\Installer will be the directory for your version.

Reply | Quote

nah alejr.

Better update Edge again to the recently released 114.0.1823.58 version. Hopefully Microsoft got things right this time as noted from the comment here:

We have released version 114.0.1823.58 which addresses the issue. Your Microsoft Edge browser will automatically update to the latest version.

Reply | Quote

Version 114.0.1823.67: June 29, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.79, July 10, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Edge 114.0.1823.86 released
17th July 2023
Release notes

Fixed various bugs and performance issues.

If debian is good enough for NASA...

2 users thanked author for this post.

Alex5723, Just another Forum Poster

Reply | Quote

Version 115.0.1901.183: July 21, 2023

Incorporates the latest Security Updates of the Chromium project.

Contains the following Microsoft Edge-specific updates:

CVE-2023-38187
CVE-2023-38173
CVE-2023-35392

Fixed various bugs and performance issues.

New policies.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version: 115.0.1901.188: July 27, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Version 114.0.1823.106: August 7, 2023

Fixed various bugs and performance issues for Extended Stable release.

Stable channel security updates are listed here.”

Version 115.0.1901.200: August 7, 2023

Fixed various bugs and performance issues for Stable release.

Stable channel security updates are listed here.”

2 users thanked author for this post.

Just another Forum Poster, b

Reply | Quote

Version 115.0.1901.203: August 10, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 116.0.1938.54: August 21, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-38158
CVE-2023-36787

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 116.0.1938.62: August 25, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific update:

CVE-2023-36741

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 116.0.1938.69: August 31, 2023

Fixed various bugs and performance issues

Incorporates the latest Security Updates of the Chromium project.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

Reply | Quote

Version 116.0.1938.76: September 7, 2023

Fixed various bugs and performance issues

Incorporates the latest Security Updates of the Chromium project.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 116.0.1938.81: September 12, 2023

Fixed various bugs and performance issues

Important: This update contains a fix for CVE-2023-4863, which has been reported by the Chromium team as having an exploit in the wild.

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 117.0.2045.31

Microsoft Edge (64-bit)

Microsoft Edge (32-bit)

https://www.ghacks.net/2023/09/16/microsoft-edge-117-launches-with-favorites-recovery-and-feature-removals/

1 user thanked author for this post.

b

Reply | Quote

Version 117.0.2045.35: September 19, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft pushing YouTube and Facebook in Edge ?

Reply | Quote

Version 117.0.2045.36: September 19, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 117.0.2045.40: September 22, 2023

Fixed various bugs and performance issues.

Release notes for Microsoft Edge Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 117.0.2045.47

This update to Stable channel contains a fix for CVE-2023-5217, which has been reported by the Chromium team as having an exploit in the wild

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 117.0.2045.55

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 118.0.2088.46

This update contains the following Microsoft Edge-specific update:

CVE-2023-36559

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 118.0.2088.57

Fixed various bugs and performance issues.

Feature updates

Icon change in Edge sidebar. The Bing icon entry point in the Microsoft Edge sidebar has been changed to the new Copilot icon. No other changes in this experience are expected.

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 118.0.2088.61

Fixed various bugs and performance issues

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 118.0.2088.69

Fixed various bugs and performance issues.

Feature updates
Designer (Preview) in the Microsoft Edge sidebar. All Microsoft Edge users with Manifest version 4.8.5 or higher (users can see their version using edge://sidebar-internals), including those that are working on managed devices, can now add the Designer (Preview) app to the Edge sidebar by clicking on the “+” and setting the Designer (Preview) toggle to on. Designer (Preview) allows you to experience the generative AI capabilities offered by Microsoft Designer https://designer.microsoft.com from inside the Edge browser….

1 user thanked author for this post.

b

Reply | Quote

Designer (Preview) … This release will be available in English for the following country/regions: Australia, India, New Zealand, South Africa, and the United States.

Reply | Quote

Version 118.0.2088.76: October 27, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific update: CVE-2023-44323

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 119.0.2151.44 release notes

1 user thanked author for this post.

b

Reply | Quote

Version 119.0.2151.58: November 9, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-36014
CVE-2023-36024

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Version 119.0.2151.72: November 16, 2023

Fixed various bugs and performance issues.

Incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-36008
CVE-2023-36026

Release notes for Microsoft Edge Stable Channel
Release notes for Microsoft Edge Security Updates

1 user thanked author for this post.

Alex5723

Reply | Quote

Edge Copilot enable/disable has been moved to SideBar setting

Reply | Quote

Edge Version 119.0.2151.97

Fixed various bugs and performance issues.

Microsoft has a fix for CVE-2023-6345 to Microsoft Edge Stable Channel (Version 119.0.2151.97) and Microsoft Edge Extended Stable Channel (Version 118.0.2088.122), which has been reported by the Chromium team as having an exploit in the wild.

2 users thanked author for this post.

Microfix, b

Reply | Quote

SECURITY BUMP!
Just a heads up concerning CVE-2023-6345:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6345

This ‘in-the-wild’ exploit has now been mitigated in the following:
Edge Stable 119.0.2151.97
and
Extended Stable 118.0.2088.122

You know what to do, if you haven’t already..

If debian is good enough for NASA...

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 120.0.2210.61

December 7, 2023
Microsoft has released the latest Microsoft Edge Stable Channel (Version 120.0.2210.61) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2023-38174
CVE-2023-35618
CVE-2023-36880

Release Notes

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 120.0.2210.77

Microsoft has released the latest Microsoft Edge Stable Channel (Version 120.0.2210.77) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific update:

CVE-2023-36878

Release notes

1 user thanked author for this post.

b

Reply | Quote

20th December 2023:
Edge Update: 120.0.2210.89

Fixed various bugs and performance issues.

Feature updates

Microsoft Edge Workspaces improvements for offline functionality…

more info within:
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel#version-1200221089-december-20-2023

no mention of the in-the-wild zero day CVE-2023-7024?
opaque transparency strikes again..tsk

Note: NIST CVE-2023-7024 is pending..

If debian is good enough for NASA...

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 120.0.2210.91

fix for CVE-2023-7024, which has been reported by the Chromium team as having an exploit in the wild.

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 120.0.2210.121

Fixed various bugs and performance issues

Release notes

Reply | Quote

… also includes security fixes for the latest six Chromium vulnerabilities.

1 user thanked author for this post.

Alex5723

Reply | Quote

I’d say that update pertains to the following link which MS does not disclose.
https://chromium.googlesource.com/chromium/src/+log/120.0.6099.200?pretty=fuller&n=1000

If debian is good enough for NASA...

Reply | Quote

More likely Chrome 120.0.6099.200

Reply | Quote

Microsoft Edge 120.0.2210.133

Microsoft has released the latest Microsoft Edge Stable Channel (Version 120.0.2210.133) which incorporates the latest Security Updates of the Chromium project.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-21337
CVE-2024-20709
CVE-2024-20721
CVE-2024-20675

Reply | Quote

Microsoft Edge 120.0.2210.144

Microsoft has a fix for CVE-2024-0519 to Microsoft Edge Stable Channel (Version 120.0.2210.144), which has been reported by the Chromium team as having an exploit in the wild.

It’s worth highlighting that Microsoft Edge’s enhanced security mode feature mitigates this vulnerability. You can opt-in into this security feature and have peace of mind that Microsoft Edge is protecting you against this exploit.

2 users thanked author for this post.

n0ads, b

Reply | Quote

Microsoft Edge 121.0.2277.83

Microsoft has released the latest Microsoft Edge Stable Channel (Version 121.0.2277.83) and Microsoft Edge Extended Stable Channel (120.0.2210.160) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-21326
CVE-2024-21388
CVE-2024-21385
CVE-2024-21383
CVE-2024-21382
CVE-2024-21387

Release notes

Reply | Quote

Microsoft Edge 121.0.2277.98

Microsoft has released the latest Microsoft Edge Stable Channel (Version 121.0.2277.98) and Microsoft Edge Extended Stable Channel (120.0.2210.167) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific update:

CVE-2024-21399

Fixed various bugs and performance issues.

1 user thanked author for this post.

n0ads

Reply | Quote

Microsoft Edge 121.0.2277.106

“Resolved an issue where the IntranetFileLinksEnabled policy did not work as expected while opening file:// links.”

Reply | Quote

Microsoft Edge 121.0.2277.110

“Fixed various bugs and performance issues.”

Reply | Quote

Microsoft Edge 121.0.2277.128

“Fixed various bugs and performance issues.

Fixes:

Edge has a feature that provides an option to import browser data on each launch from other browsers with user consent. This feature’s state might not have been syncing and displaying correctly across multiple devices. This is fixed…”

Reply | Quote

Warning: unfortunately for those with no need for or interest in using Microsoft’s Edge Sidebar, this update also forces a new Sidebar button/icon(/ad) onto the Edge toolbar that currently cannot be disabled/hidden via the browser Settings interface… 

Shame on you, Microsoft! 

Reply | Quote

I have no sidebar

Reply | Quote

But you have a Sidebar icon on your toolbar (right end).

1 user thanked author for this post.

Alex5723

Reply | Quote

b wrote:

But you have a Sidebar icon on your toolbar (right end).

Just found it 🙂

Reply | Quote

anonymous wrote:

Warning: unfortunately for those with no need for or interest in using Microsoft’s Edge Sidebar, this update also forces a new Sidebar button/icon(/ad) onto the Edge toolbar that currently cannot be disabled/hidden via the browser Settings interface.

I have Edge 121.0.2277.128 installed and, as you can see from the below image, it has no such icon so it can be disabled/hidden!

Not sure exactly which one of these may be responsible for doing it, but here’s the Edge Sidebar registry settings on my system.

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge]
"HubsSidebarEnabled"=dword:00000000
"SearchInSidebarEnabled"=dword:00000002
"StandaloneHubsSidebarEnabled"=dword:00000000

Reply | Quote

b wrote:

But you have a Sidebar icon on your toolbar (right end).

How to remove the sidebar icon

Go to Settings > System and performance and toggle off Startup boost.
Close Microsoft Edge.

Right-click your Microsoft Edge shortcut on the desktop (create one if you do not have it) and click Properties. Tip: you can select a shortcut and press Alt + Enter to get to the Properties window faster.

Click the Target field, place one space, and type –disable-features=msGenericIconSidebarButton

Save the changes and launch the browser using your modified shortcut. The sidebar button should no longer be there.

https://www.neowin.net/news/edge-got-a-new-sidebar-button-and-users-are-not-happy-here-is-how-to-turn-it-off/

Reply | Quote

Interesting.

I didn’t have to do any of the things suggested in that link and, as my above post shows, my new version of Edge has no sidebar button.

Maybe that’s because I don’t use a “Microsoft” account with Windows and don’t have a “Microsoft” profile in Edge?

Reply | Quote

I don’t think Microsoft account is relevant.

“Your browser is managed by your organization” indicates that you’ve used group policies to configure Edge.

Reply | Quote

Edge Version 122.0.2365.52

Reply | Quote

Includes switch for sidebar button (if Copilot is off):

… and security fixes for 11 CVEs.

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 122.0.2365.59

Fixed various bugs and performance issues.

Reply | Quote

Microsoft Edge 122.0.2365.66

Fixed various bugs and performance issues:

Resolved a network issue that prevented sites from loading within a Microsoft Defender Application Guard window.

Microsoft Edge support for Microsoft Defender Application Guard

Important

Microsoft Defender Application Guard, including the Windows Isolated App Launcher APIs, will be deprecated for Microsoft Edge for Business and will no longer be updated…

Because Application Guard is deprecated there won’t be a migration to Edge Manifest V3. The corresponding extensions and associated Windows Store app won’t be available after May 2024. This affects the following browsers: Application Guard Extension – Chrome and Application Guard Extension – Firefox. We recommend using AppLocker policies to prevent untrusted websites from loading in Chrome and Firefox…

Reply | Quote

I guess Edge 122.0.2365.66 released on Mar. 1 is a fix for the buggy 122.0.2365.63 version MS posted Feb. 29.

what happened to QA testing for MS Edge lately?

Reply | Quote

EP wrote:

what happened to QA testing for MS Edge lately?

Lately? When did a previous Edge update cause any problems?

Reply | Quote

Microsoft Edge 122.0.2365.80

Fixed various bugs and performance issues
Fixed a browser crash which occurred when the BrowsingDataLifetime policy was enabled.

Reply | Quote

Microsoft Edge 122.0.2365.92

This update contains the following Microsoft Edge-specific updates:

CVE-2024-26167
CVE-2024-26163
CVE-2024-26246

Reply | Quote

Edge Version 123.0.2420.53

CVE-2024-26247
CVE-2023-29057

Reply | Quote

Edge 123.0.2420.53 appears to have been quietly pulled. It was force expired on my SUS server early this morning, and is no longer available on the Edge Business download page or mentioned on the release notes page.

https://www.microsoft.com/en-us/edge/business/download?form=MA13FJ

https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnote-stable-channel

Anyone know what is going on?

Reply | Quote

NVtech777 wrote:

Edge 123.0.2420.53 appears to have been quietly pulled

Nope.

See Security Updates…

Release notes for Microsoft Edge Security Updates | Microsoft Learn

1 user thanked author for this post.

Alex5723

Reply | Quote

As of Tue Mar 26, 06:56 am EDT, Edge 122.0.2365.92 still shows as up-to-date on my Windows 10 22H2.

I also just checked Microsoft’s “official” Edge download site and, while the Edge Stable 123 channel shows version 123.0.2420.53 as available for download for Linux, Windows isn’t listed as an available download for that version.

The strange thing is, if I select the Edge Stable 122 channel, it shows version 122.0.2365.106 as the most current available for Windows.

So why hasn’t my Edge 122.0.2365.92 updated itself to 122.0.2365.106?

There’s also the fact the release notes for Edge stable now indicate it was released Fri 22 Mar even though, when I checked them yesterday afternoon – see my 26533465 post, those same release notes showed the 123 version hadn’t been released yet?!?!

And, at lease for some of us on Windows 10 22H2, Edge 122.0.2365.92 still shows as up to date?!?!

Obviously something “really weird” is going on with the release of the new 123 version of Edge!

Reply | Quote

122.0.2365.106 was only released to the “Extended Stable” channel. Mainstream browsers are on the “Stable” channel which will only update to 122.0.2365.92 at this time.

Even though the release notes and security updates pages still lists 123.0.2420.53, that may only be because it is available for Linux. At the time of my post yesterday, the entry for 123 had been removed from the release notes page but it reappeared a short time later.

Yes, something “really weird” is going on and MS is not being forthcoming about it.

Reply | Quote

n0ads wrote:

As of Tue Mar 26, 06:56 am EDT, Edge 122.0.2365.92 still shows as up-to-date on my Windows 10 22H2.

What with that ‘update policy…’notification ?

Reply | Quote

The full message is…

“Update policies are configured but will be ignored because this device isn’t domain joined.”

That’s most likely because a few of my Edge GP settings contain the following statement.

This policy is available only on Windows instances that are joined to a Microsoft® Active Directory® domain

And my system isn’t connected to an AD domain anymore.

I just ignore that message just like I ignore the *Some settings are managed by your organization message that shows at the top of the Windows Update screen because some of my GP settings that prevent automatic download/install of Windows updates.

BTW, that message has absolutely nothing to do with why my Edge isn’t being updated to the 123 channel. I’ve been seeing it for quite a while and, up til now, it’s always updated to the latest Stable version!

There’s also a TON of posts on the internet from others who’ve experienced issues where 123.0.2420.53 crashed right after it was released on March 22 and the only fix was to “manually” roll it back to 122.0.2365.92/122.0.2365.106

The fact some of us aren’t getting updated to the 123 channel would seem to indicate it still isn’t working properly for some PC’s and Microsoft isn’t letting it update if it detects your PC is one of those that might experience problems running it??

I can say, every time I’ve used About Microsoft Edge to check my version, I do see the small blue circling arrows for a few seconds before it says it’s up to date so it is connecting to the MS servers and checking for an update.

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft pulls Edge 123 from the Stable Channel with its ‘Microsoft Copilot’ app

Earlier this week, Microsoft released Edge 123 in the Stable Channel. On the surface, it appeared to be a regular update without anything major or groundbreaking—just a bunch of enterprise features and lots of fixes. However, the update turned out to be an odd one, and Microsoft pulled it out.

Shortly after installing Edge version 123.0.2420.53, users, including Neowin, noticed that the list of installed apps in Settings received a mysterious 0KB “Microsoft Copilot” entry…

It is possible that Microsoft accidentally shipped the app to all users and then had to revoke Edge 123 to fix the misfired release. As of writing this article, Microsoft Edge and its official website say version 122.0.2365.92 is the latest stable version (* wrong)…

Reply | Quote

May I ask if the consensus is, at the time of this post, on Win 10 Pro, to simply update Edge? ie Settings>Help & feedback>about Microsoft Edge? That option auto ‘checks for updates’, no going back.? And assume that 123 has indeed been pulled? I have been offline since above debacle. My installed version is 122.0.3365.92. (I am about to install March Windows updates (CU). What a mess, you can imagine all us home users (even if on Win Pro) wondering what to do. I have NO interest in Copilot, and had applied Susan’s scripts to prevent it.

 

Reply | Quote

Deo wrote:

about Microsoft Edge? That option auto ‘checks for updates’, no going back.?

Actually, there is a “downgrade” procedure for Edge…it requires that you have an Edge .msi file for the version you want to go back to.

Download the Edge .msi to either your Desktop, or your Downloads folder.

I use this link for the .msi –

Download Edge for Business (microsoft.com)

Scroll down to the section “Looking for an older version of Edge?” and get the version you want.

Open an elevated (Run as administrator) Command prompt.

cd to either the Desktop or Download folder.

Enter (copy and paste the following command)…

msiexec /I MicrosoftEdgeEnterpriseX64.msi /qn ALLOWDOWNGRADE=1 /L*V “C:\package.log”

Note: Make sure full permissions for Administrators and yourself are set in msiexec.exe located in C:\Windows\System32 and C:\Windows\SysWOW64

 

 

1 user thanked author for this post.

Deo

Reply | Quote

Thk you muchly  for instructions posted for others use:)!  Did you have to go this route? Did it work for you?

Reply | Quote

Thank you OldNavyGuy, yet WHY should we HAVE to go through such extremes?? No ordinary user knows how to do this! It reminds me of Jan 2023 Edge debacle all over again, a mess!

https://www.askwoody.com/forums/topic/new-microsoft-edge-shortcuts-added-to-all-desktop-profiles/

Reply | Quote

Deo wrote:

Thk you muchly for instructions posted for others use:)! Did you have to go this route? Did it work for you?

I’ve had to a couple of times…it does work, and I just did one a few minutes ago (from 123.0.2420.53 to 122.0.2365.92).

It’s also a good idea to backup your Edge profile beforehand, and restore it after you’ve done the rollback…otherwise, your profile will be rolled back as well.

You can use Macrium (I use Hasleo) to do a folder backup.

The path is –

C:\Users\<Your User Name>\AppData\Local\Microsoft\Edge\User Data

I also do it before upgrading Edge to a new version.

To restore, you’ll have to boot using the imaging software’s emergency disk, as the folder will be in use on a running Windows system.

I have a Defender firewall block on Edge updates when Settings > About is selected…just in case there are any shenanigans with the update.

I download and run Edge updates manually.

 

Reply | Quote

Deo wrote:

WHY should we HAVE to go through such extremes??

Trying to rollback to a previous version by simply right-clicking on the .msi file for that version, and selecting Install, will fail.

You’d have to ask Microsoft that question…

 

Reply | Quote

Deo wrote:

May I ask if the consensus is, at the time of this post, on Win 10 Pro, to simply update Edge? ie Settings>Help & feedback>about Microsoft Edge? That option auto ‘checks for updates’, no going back.?

There is nothing wrong with Edge 123 which fixes 2 security bugs.
Microsoft Copilot can just be uninstalled.

Reply | Quote

Alex5723 wrote:

There is nothing wrong with Edge 123 which fixes 2 security bugs. Microsoft Copilot can just be uninstalled.

Except…that it’s been pulled from Stable for Windows.

Download Edge for Business (microsoft.com)

Reply | Quote

OldGuyForum wrote:

Alex5723 wrote:

There is nothing wrong with Edge 123 which fixes 2 security bugs. Microsoft Copilot can just be uninstalled.

Except…that it’s been pulled from Stable for Windows.

Download Edge for Business (microsoft.com)

As I said, nothing is wrong with Edge 123 which is installed on my Win 10 22H2.
The notice about Edge 123 update is still on Microsoft’s site and hasn’t been removed.

https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#march-22-2024

I am a home user and not concerned about business users.

Reply | Quote

Mar 27 09:09 am EDT:

Just checked About Microsoft Edge on my Windows 10 Pro 22H2 and it still shows 122.0.2365.92 as up to date!

FYI, late yesterday while helping a user try to figure out why their Word 2003 always hung when being used away from their in-house network (it experienced ~90 – 120 secs of “not responding” before they could use it) I verified all 6 of their Windows 10 22H2 PC’s are still on Edge 122.0.2365.92 and aren’t getting the new 123 channel upgrade.

So it “appears” MS has stopped offering 123.0.2420.53 to any PC’s that haven’t already received it; thus eliminating the need to go thru a rollback procedure.

Reply | Quote

Alex5723 wrote:

Microsoft pulls Edge 123 from the Stable Channel with its ‘Microsoft Copilot’ app

New info from the above link.

Update: A Microsoft spokesperson said the update was paused to ensure compatibility with certain enterprise configurations:

The rollout for Microsoft Edge 123 was paused to ensure compatibility with certain enterprise configurations related to storage of user profile data. It was not related to Microsoft Copilot. We plan to resume the rollout of Edge 123 as soon as March 27, 2024.

1 user thanked author for this post.

b

Reply | Quote

I too am also still on Edge .92

I just tried the Edge Help About which shows “up to date”.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Alex5723 wrote:

The notice about Edge 123 update is still on Microsoft’s site and hasn’t been removed.

Has nothing to do with the fact that the installer was removed.

Alex5723 wrote:

I am a home user and not concerned about business users.

It’s the same version for both.

 

Reply | Quote

Tex265 wrote:

I too am also still on Edge .92 I just tried the Edge Help About which shows “up to date”.

It’s currently up to date on .92 for the Stable channel.

 

 

Reply | Quote

Looks like ver. 123 is in cue. To update or not, that is the question. Don’t wish to have to go through the ‘rollback’ procedure. I wonder if I hold off, if whatever is in cue will be replaced once Microsoft releases a newer (corrected) version?

(I have ‘metered connections’ on in network to prevent auto updating when checking Edge)

Reply | Quote

Just checked and my Edge has been updated to 123.0.2420.65 and the Edge release notes have been updated to show that’s the current Stable version.

So it appears MS decided to skip fixing whatever was wrong with .53 and just go directly to version .65.

So far, I haven’t noticed anything unusual with using this version!

BTW, the update did install the Microsoft Copilot app but. since I didn’t want it, I used the uninstall option and it’s now gone!

3 users thanked author for this post.

b, Bob99, Deo

Reply | Quote

Installed .53 last Friday the 23rd., noticed right afterwards Copilot app was installed and removed it immediately upon noticing it.

Just now updated from .53 to .65 using Edge’s built-in updater and Copilot did not reappear. I then installed Edge WebView .65 (updating from .53) and no Copilot installed after that either.

So, it may very well be that Copilot only gets installed upon first getting Edge 123 installed, either via an update from 122 or via a new installation for those who’ve removed it but might need it back for one reason or another.

BTW, from what I recall seeing on my list of installed apps at Settings>Apps>Apps & features list, the Copilot app itself was tiny, only around 8k in size from what I remember seeing.

Reply | Quote

Edge Version 123.0.2420.65) and Extended Stable Channel (Version 122.0.2365.113)

Microsoft has a fix for CVE-2024-2883

* No Microsoft Copilot

Reply | Quote

Microsoft Edge fixes 0-day vulnerability: confirms all Chromium-based browsers vulnerable

Microsoft released a security update for its Edge web browser that address several security issues, including one that is exploited in the wild…

The company has now released 123.0.2420.65, which addresses eight unique security issues in the browser.

One of them is CVE-2024-2883, which affects all Chromium-based browsers. The official CVE page on Microsoft’s website reveals that the issue is already attacked in the wild.

Microsoft writes: “Google is aware that an exploit for CVE-2024-2883 exists in the wild.”..

https://www.neowin.net/news/microsoft-edge-gets-fixes-for-zero-day-vulnerabilities-exploited-in-the-wild/

Microsoft recently re-released Edge 123 in the Stable Channel. The company pulled the update earlier to resolve compatibility issues with certain enterprise configurations. Now, the update is back with the necessary fix and four zero-day vulnerability fixes that, according to Microsoft, are exploited in the wild…

1 user thanked author for this post.

Deo

Reply | Quote

I was just Edge updated to 123.0.2420.65 and I note that I now have under Settings >Apps and entry for “Microsoft Copilot” at 8.00KB size.  I haven’t right clicked on it for fear of activating or installing, but a left click does nothing (no uninstall – nothing).

How do I NOT install it?  Or is it just a place holder for later?

Is there a Copilot for Edge and separately for Windows?

I have no entries on my Taskbar.

Also, after the Edge update, I am showing nothing on/within the Edge browser indicating anything Copilot related.  What am I missing?

Finally, back when the Copilot discussion first started, Susan and PKCano created a discussion on various ways to hide and uninstall, eliminate Copilot via some Registry entries and/or utilizing the Group Policy feature.  Can someone point me to those postings as I can’t seem to locate them within all the subsequent Copilot posting discussions.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Tex265 wrote:

I haven’t right clicked on it for fear of activating or installing, but a left click does nothing (no uninstall – nothing).

Strange??

After my Edge was updated to 123.0.2420.65 and the Microsoft Copilot app was installed, left clicking it in Apps & Features displayed the following options.

And selecting Uninstall worked just fine.

BTW, Microsoft Copilot and Windows Copilot are two completely different things.

Microsoft Copilot is simply the Bing Chat app using a new name and can, so far, be uninstalled (see the Apparently, I’ve been dribbled Copilot. Now what? thread for more info.)

Windows Copilot is a integral part of the Windows OS and can’t be uninstalled, only disabled.

1 user thanked author for this post.

Bob99

Reply | Quote

Tex265 wrote:

Finally, back when the Copilot discussion first started, Susan and PKCano created a discussion on various ways to hide and uninstall, eliminate Copilot via some Registry entries and/or utilizing the Group Policy feature. Can someone point me to those postings as I can’t seem to locate them within all the subsequent Copilot posting discussions.

Ask and ye shall receive. Below are the links to the three different KnowledgeBase articles on how to clip CoPilot’s proverbial wings using Group Policy (if you’re on a Pro version of Windows) and/or making changes in the registry (if you’re on the Home version of Windows). There’s even an article covering how to keep it from appearing in MS365! I hope these are what you were thinking of!

https://www.askwoody.com/forums/topic/9000001-blocking-copilot-in-windows-10-and-11-home-sku/

https://www.askwoody.com/forums/topic/9000002-blocking-copilot-in-windows-10-and-11-professional-sku/

https://www.askwoody.com/forums/topic/9000003-blocking-copilot-in-microsoft-365/

Reply | Quote

Tex265 wrote:

How do I NOT install it?  Or is it just a place holder for later?

There is nothing to install.
Go to Apps & Features and uninstall.

Reply | Quote

Edge Version 123.0.2420.81

Microsoft has released the latest Microsoft Edge Stable Channel (Version 123.0.2420.81) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific update:

CVE-2024-29981
CVE-2024-29049

Reply | Quote

Microsoft fixes five security vulnerabilities in Edge 123

Microsoft is rolling out a new Edge update for version 123 in the Stable Channel. 123.0.2420.81 does not bring new features or notable changes. Instead, it fixes five security vulnerabilities within the browser. Three are the latest Chromium security patches, and the other two are Microsoft Edge-specific…

CVE-2024-29981
CVE-2024-29049

Chromium: CVE-2024-3156 Inappropriate implementation in V8

Chromium: CVE-2024-3158 Use after free in Bookmarks

Chromium: CVE-2024-3159 Out of bounds memory access in V8..

Reply | Quote

Microsoft Edge 123.0.2420.97

Microsoft has released the latest Microsoft Edge Stable Channel (Version 123.0.2420.97) which incorporates the latest Security Updates of the Chromium project.

Fixed various bugs and performance issues, improved reliability.
Improved reliability

Fixed a browser crash which was related to Microsoft Edge Sync.

Chromium: CVE-2024-3515 Use after free in Dawn: Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Chromium: CVE-2024-3516 Heap buffer overflow in ANGLE: Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Chromium: CVE-2024-3157 Out of bounds write in Compositing: Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)

Reply | Quote

Microsoft Edge 124.0.2478.51

Microsoft has released the latest Microsoft Edge Stable Channel (Version 124.0.2478.51) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-29986
CVE-2024-29987
CVE-2024-29991

Feature updates

Reply | Quote

Microsoft Edge 124.0.2478.67

Incorporates the latest Security Updates of the Chromium project.

Users that download potentially dangerous content on HTTP sites will receive a UI warning, (for example, “sample.exe can’t be downloaded securely”)…

Removes “Microsoft chat provider for Copilot in Windows”..

Email notifications for extension requests in the Microsoft Edge management service…

Reply | Quote

Microsoft Edge version 124.0.2478.80

Fixed various bugs and performance issues.

Sidebar Tools App – SpeedTest. Adding a SpeedTest answer by default to the Tools app in the Microsoft Edge sidebar.

CVE-2024-4331: Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-4368: Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Reply | Quote

Microsoft Edge 124.0.2478.97
Important

This update to Stable channel (and Extended Stable channel) contains a fix for CVE-2024-4671, which has been reported by the Chromium team as having an exploit in the wild.

Reply | Quote

Microsoft Edge 124.0.2478.105

(re-fixed)

Microsoft has a fix for CVE-2024-4761 to Microsoft Edge Stable Channel and Extended Stable Channels, (Version 124.0.2478.105), which has been reported by the Chromium team as having an exploit in the wild.

1 user thanked author for this post.

b

Reply | Quote

Alex5723 wrote:

(re-fixed)

Different Chromium flaw though.

1 user thanked author for this post.

Alex5723

Reply | Quote

My bad. 🙁

Reply | Quote

Microsoft Edge 124.0.2478.109 released THU May 16

security fix for CVE-2024-4947

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 125.0.2535.51

No release notes.

https://www.neowin.net/news/microsoft-edge-125-is-now-available-with-workspace-copy-paste-improvements-and-more/

Improved user experience for Purview copy/paste controls in Edge. Our Purview cut/copy/paste experience is now more user friendly with self-dismissing dialogs on successful paste. The existing “Paste to supported browsers” setting allows organizations to classify and protect the content that end users can paste – both to specific websites and through supported browsers. You can follow the instructions in Use Endpoint data loss prevention (DLP) to create the DLP policy.

New Workspaces color display: browser window outline. Workspaces each have a dedicated color, and that color is now displayed as an outline on the browser window. The previous experience applied the color across the entire tab strip in horizontal tab orientation, and across the title bar in vertical tab orientation. Note: This feature is a controlled feature rollout. If you don’t see this feature, check back as we continue our rollout.

Full Favorites Bar available in Workspaces. Workspaces now display a user’s full set of favorites in the Favorites Bar, with a dedicated workspace folder accessible from the bar. The previous experience replaced the Favorites Bar with the workspace favorites folder. Note: This feature is a controlled feature rollout. If you don’t see this feature, check back as we continue our rollout.

Reply | Quote

Nice quote from the Neowin article. For those who’re interested, here are the full release notes for this latest update, 125.0.2535.51:

https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel#version-1250253551-may-17-2024

Sorry, but, as of this writing, there are no security release notes for this particular release.

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 125.0.2535.67

Fixed various bugs and performance issues

This update to Stable channel contains a fix for CVE-2024-5274, which has been reported by the Chromium team as having an exploit in the wild.

Reply | Quote

Microsoft Edge 125.0.2535.79

“Fixed various bugs and performance issues, improved reliability.

Microsoft Defender Application Guard extension deprecation. Because Application Guard is deprecated, there won’t be a migration to Edge Manifest V3. ..

Fixed a browser crash which occurred on startup in cases where the profile information was cached in an incorrect format.

Resolved an issue which affected the “View in File Explorer” option in SharePoint Online.”

* Google Chrome 125.0.6422.142 had 11 security updates.

Reply | Quote

Microsoft Edge 125.0.2535.85

Fixed various bugs and performance issues

Microsoft has released the latest Microsoft Edge Stable Channel (Version 125.0.2535.85) which incorporates the latest Security Updates of the Chromium project.

Reply | Quote

CVE-2024-5493: Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5494: Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5495: Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5496: Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5497: Out-of-bounds memory access in Keyboard Inputs in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5498: Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5499: Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Reply | Quote

Microsoft Edge 125.0.2535.92
Fixed various bugs and performance issues

Reply | Quote

Edge version 126.0.2592.56

“Microsoft has released the latest Microsoft Edge Stable Channel (Version 126.0.2592.56) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-30057
CVE-2024-30058
CVE-2024-38083”

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 126.0.2592.61

Fixed various bugs and performance issues.

Reply | Quote

Microsoft Edge 126.0.2592.68

Microsoft has released the latest Microsoft Edge Stable Channel (Version 126.0.2592.68) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-38082
CVE-2024-38093

Reply | Quote

Edge 126.0.2592.81

Fixed various bugs and performance issues, improved reliability.

Fixed a browser crash that occurred when a user interacted with a drop-down list with over 1,000 items.

Resolved an issue that affected printing after scrolling down a webpage. This fix adjusts for scroll offset when printing.

Security updates in Microsoft Edge 126.0.2592.81 include six patches, two of which are for remote code execution vulnerabilities (one of critical severity):

CVE-2024-35260: Microsoft Dataverse Remote Code Execution Vulnerability (Security severity: critical)
CVE-2024-34122: Microsoft Edge Remote Code Execution Vulnerability (Security severity: moderate)
CVE-2024-6290: Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-6291: Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-6292: Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-6293: Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

https://www.neowin.net/news/microsoft-fixes-edge-crashes-and-printing-issues-in-the-latest-update/

Reply | Quote

Microsoft Edge 126.0.2592.87

“Fixed various bugs and performance issues, improved reliability.

Improved reliability
Fixed a browser crash that occurred when an on-premises sync user deleted a Favorite.”

Reply | Quote

Microsoft Edge 126.0.2592.102

“Fixed various bugs and performance issues.”

Release notes

Reply | Quote

Microsoft Edge Version 126.0.2592.113

“Fixed various bugs and performance issues, improved reliability.

Improved reliability
Fixed a renderer crash (STATUS_ACCESS_VIOLATION) that occurred when using some sites with web contents accessibility enabled, including on the Azure portal or Intune dashboard.

Fixes
Resolved an issue that allowed the Microsoft Edge New Tab Page feed to be activated even when the NewTabPageContentEnabled policy was set to disabled.”

Reply | Quote

Version 127.0.2651.74

Improved reliability

Fixed a browser crash that happened when using the Microsoft Edge Password Generator.

Fixes

Updated HttpAllowlist policy. Automatic HTTPS should now respect the HttpAllowlist policy, which provides a list of hostnames that HTTP should be permitted on.

Resolved issue. Fixed an issue that prevented the Translate icon in the omnibox from being clickable.

This update contains the following Microsoft Edge-specific update:

CVE-2024-38103
CVE-2024-39379..

Reply | Quote

Version 127.0.2651.86

Microsoft has released the latest Microsoft Edge Stable Channel (Version 127.0.2651.86) and Extended Stable channel (Version 126.0.2592.132) which incorporate the latest Security Updates of the Chromium project

CVE-2024-6990 Uninitialized Use in Dawn (severity level critical): Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page.

CVE-2024-7255 Out of bounds read in WebTransport (severity level high): Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page.

CVE-2024-7256 Insufficient data validation in Dawn (severity high): Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page…

https://www.neowin.net/news/edge-127-gets-three-security-updates-and-organizational-branding-cumstomization-feature/

Reply | Quote

Edge Version 127.0.2651.98

Microsoft has released the latest Microsoft Edge Stable Channel (Version 127.0.2651.98) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-38219
CVE-2024-38218

1 user thanked author for this post.

b

Reply | Quote

https://www.neowin.net/news/microsoft-patches-eight-security-vulnerabilities-in-the-latest-edge-update/

Chromium-specific patches include five fixes for high-severity and one for critical security vulnerability:

CVE-2024-7550: Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-7536: Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-7535: Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-7534: Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-7533: Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-7532: Out-of-bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Reply | Quote

Microsoft fixes Edge crashes when uploading documents

Edge version 127.0.2651.105

Microsoft has released the latest Microsoft Edge Stable Channel (Version 127.0.2651.105) which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific update:

CVE-2024-43472
Improved reliability

Fixed a browser crash (STATUS_BREAKPOINT) that occurred when trying to upload documents on some websites…

1 user thanked author for this post.

b

Reply | Quote

Edge Version 128.0.2739.42

“

Microsoft has a fix for CVE-2024-7971 to Microsoft Edge Stable Channel (Version 128.0.2739.42) which has been reported by the Chromium team as having an exploit in the wild. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific updates:

CVE-2024-41879
CVE-2024-38208
CVE-2024-38207
CVE-2024-38210
CVE-2024-38209

https://www.neowin.net/news/microsoft-releases-edge-128-with-edge-bar-improvements-sse3-requirements-and-more/

Fixes

Fixed an issue that caused high CPU usage of renderer processes when running Selenium tests and calling driver.quit() to end the testing session.

Feature updates

SSE3 Requirement. Microsoft Edge stopped supporting CPUs that lack SSE3. Devices with such CPUs won’t receive any more updates. For more information, see Microsoft Edge Supported Operating Systems….

Reply | Quote

Edge Version 128.0.2739.54

Release notes

1 user thanked author for this post.

b

Reply | Quote

Microsoft Edge 128.0.2739.63

“Fixed an issue that prevented pages from fully loading when retrieving resources from the HTTP cache and DevTools showed the requests failing with net::ERR_FAILED.”

Reply | Quote

And two days later, they release another update for Edge, version 128.0.2739.67. Here’s what they say about it in the release notes:

Fixed various bugs and performance issues.

That’s all, nothing else. So, no rush to get it. After all, MS didn’t even bother to specifically say what was fixed, so they must not be too worried about the fixes. At least for the .63 release back on Tuesday, they said something specific.  🤐

1 user thanked author for this post.

Alex5723

Reply | Quote

Edge Version 128.0.2739.79

“Fixed an issue that caused deployed pinned Shortcuts to the Taskbar to be duplicated.
Fixed a browser crash that occurred when trying to launch a custom protocol from a web page when using the URLAllowlist policy on a managed device.

Stable channel security updates are listed here.”

https://www.neowin.net/software/microsoft-edge-1280273979/

Reply | Quote

https://www.neowin.net/news/microsoft-fixes-edge-crashes-and-taskbar-shortcut-duplication/

CVE-2024-8636: Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-8637: Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-8638: Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-8639: Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Reply | Quote

Microsoft Edge 129.0.2792.52

“Fixed various bugs and performance issues, feature updates, site impacting compatibility changes, and policy updates.”

Edge Version 128.0.2739.90: September 19, 2024

Reply | Quote

Microsoft releases Edge 129 with deprecated CryptoWallet and OS requirement changes

Reply | Quote

Microsoft Edge 129.0.2792.65
Microsoft Edge 128.0.2739.97

Fixed various bugs and performance issues, and feature updates.

https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel

“Microsoft Edge sidebar updates. For inactive sidebar users and new Edge users, the sidebar is turned OFF. Users can always return to Settings > Sidebar and turn the sidebar ON again at any time. For active sidebar users, the current sidebar state stays the same.

Administrators can control the availability of the sidebar using the HubsSidebarEnabled policy.”

1 user thanked author for this post.

b

Reply | Quote

Also fixes four Chromium CVEs:

https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#september-26-2024

(And fixed a recent bug opening new tab or window from right-click on favorite).

1 user thanked author for this post.

Alex5723

Reply | Quote

Why are there 2 update versions 128, 129 ?

Reply | Quote

I have a feeling that it’s because 128 is probably considered to be on an “ESR” type of channel for the time being. There have been two versions in recent history, one right behind the other. Take a look down through the release notes over the last several months and you’ll see evidence of this.

1 user thanked author for this post.

Alex5723

Reply | Quote

Starting with Stable channel version 94, Microsoft Edge is moving to a 4-week major release cycle cadence. However, we recognize that enterprise customers who manage complex environments need more time to plan and test Microsoft Edge updates. To help our enterprise customers who need an extended timeline to manage updates, Microsoft Edge offers an Extended Stable option aligned to a longer, 8-week major release cycle. This option is only available for customers with managed environments. For more information, see How to opt-in to the Extended Stable release cycle option beginning with Microsoft Edge 94

Microsoft Edge release schedule

The 8-week “Extended Stable” release option for Microsoft Edge Stable delivers cumulative feature updates that align with even-numbered releases beginning with Microsoft Edge 94. Feature updates from odd-numbered releases are packaged and delivered as part of the subsequent even-numbered release.

Extended Stable Channel

1 user thanked author for this post.

Alex5723

Reply | Quote

Edge updated for me on the 27th. Since then I have 6 instances of msedgewebview2.exe always running. My searches say nothing you can do. The “running in the background” and other settings in Edge do not affect these. Recommended not to uninstall as Outlook, for example, now uses this as its html engine.

Any solution? Waste of memory!

Reply | Quote

It’s not necessarily Edge that’s causing this as msedgewebview2 is used to embed web content into Windows apps (like how Outlook now uses it for html.)

What you need to determine is exactly what app is auto-starting that uses it and stop it from auto-starting.

I.e. if it’s installed on your system, widgets.exe starts 6 instances of msedgewebview2 (Stopping msedgewebview2.exe to reclaim RAM)

Bear in mind, it’s also possible for an app to auto-start if it’s set as a service or via a scheduled task that’s set to start At logon of any user.

Reply | Quote

Pretty interesting. Thanks.

All the instances of msedgewebview2.exe have PID’s that are not listed under services. Widgets.exe is not running nor does it come up on a search. I do have news and interests running and turning that off did not turn off any of the msedgewebview2.exe’s.

Outlook is a startup app. Antivirus. Bunches of Adobe services. Nothing obvious that would be inserting images.

Off to read your link.

Reply | Quote

Definitely no widgets.

I had hoped procmon might help, but nothing of interest there:

Reply | Quote

Microsoft Edge 129.0.2792.79 / 128.0.2739.107

“Microsoft has released the latest Microsoft Edge Stable Channel (Version 129.0.2792.79) and Microsoft Edge Extended Stable Channel (128.0.2739.107) which incorporate the latest updates of the Chromium project”

Reply | Quote

Microsoft Edge 129.0.2792.89/128.0.2739.113

Fixed various bugs and performance issues.
Stable channel security updates are listed here.

Reply | Quote

Edge Version 130.0.2849.46

Reply | Quote

The link in Alex’s post above goes to the general release notes for version 130.0.2849.46, and here are the security update release notes for the same version:

https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#october-17-2024

For new versions of Edge, many times MS will publish separate release notes for the security updates that are contained in a version update of MS Edge, which results in two separate sets of release notes for the same version number.

1 user thanked author for this post.

Alex5723

Reply | Quote

Microsoft Edge 130.0.2849.52
“Fixed various bugs and performance issues.”

Reply | Quote

Microsoft Edge Stable Channel (Version 130.0.2849.68)

CVE-2024-10487
CVE-2024-10488

https://www.tenable.com/plugins/nessus/210016

Reply | Quote

Microsoft Edge 131.0.2903.51

Fixed various bugs and performance issues

Microsoft Edge WebView2 Runtime will no longer appear in the Installed Apps list in Windows Settings because it is a persistent system component.

Really ?

Reply | Quote

ps Edge WebView2 Runtime hasn’t been updated to version 131.0.2903.51 following Edge update.

Reply | Quote

Edge 131.0.2903.63

“Fixed various bugs and performance issues.
Fixed an issue which prevented the “Delete browsing data” dialog window from closing after clicking the “Clear now” button.”

Reply | Quote

Edge 131.0.2903.70

Release notes (none yet)

Reply | Quote

Release notes :

Fixed various bugs and performance issues.

Fixes
Fixed an issue on Windows that caused rendering issues and missing text when viewing certain PDF files containing Japanese fonts.

Reply | Quote

Microsoft Edge 131.0.2903.86

Fixed various bugs and performance issues.

This update contains the following Microsoft Edge-specific update:

CVE-2024-49041

Reply | Quote

Microsoft Edge 131.0.2903.99

Fixed various bugs and performance issues

Reply | Quote

… also includes security fixes for two high severity Chromium flaws CVE-2024-12381 and CVE-2024-12382.

1 user thanked author for this post.

Alex5723

Reply | Quote

Just curious, wonder if they have mitigated the Darkgate ‘Vishing’ issue between MicrosoftEdgeUpdateCore.exe and MS Teams that evades AV detection and introduces malware?

If debian is good enough for NASA...

Reply | Quote

Did that social engineering attack involve Edge or any software flaw?

Mitigation is:

Provide employee training to raise awareness about social engineering tactics, phishing attempts, and the dangers of unsolicited support calls or pop-ups. Well-informed employees are less likely to fall victim to social engineering attacks, strengthening the organization’s overall security posture.

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion

Reply | Quote

Microsoft has released the latest Microsoft Edge Stable Channel (Version 131.0.2903.112) And Extended Stable Channel (Version 130.0.2849.123) that incorporates the latest updates of the Chromium project.

Fixed various bugs and performance issues.

1 user thanked author for this post.

b

Reply | Quote

Fixed :

CVE-2024-12695: Out-of-bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVE-2024-12694: Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-12693: Out-of-bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVE-2024-12692: Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Reply | Quote

Microsoft has released the latest Microsoft Edge Stable Channel (Version 132.0.2957.127) which incorporates the latest updates of the Chromium project. For more information, see the Security Update Guide.

This update contains the following Microsoft Edge-specific update:

CVE-2025-21262

1 user thanked author for this post.

b

Reply | Quote

Microsoft has released the latest Microsoft Edge Stable Channel (Version 132.0.2957.140) which incorporates the latest updates of the Chromium project.

1 user thanked author for this post.

b

Reply | Quote

Edge 133.0.3065.51

Microsoft has released the latest Microsoft Edge Stable Channel (Version 133.0.3065.51) which incorporates the latest updates of the Chromium project.

This update contains the following Microsoft Edge-specific update:

CVE-2025-21253
CVE-2025-21404
CVE-2025-21267
CVE-2025-21279
CVE-2025-21283
CVE-2025-21408
CVE-2025-21342

Release notes

Reply | Quote

Microsoft Edge 133.0.3065.82

Fixed various bugs and performance issues for Stable Channel.

CVE-2025-0999: Heap buffer overflow in V8 allows remote attackers to exploit heap corruption using special HTML pages (high severity).

CVE-2025-1006: Use after free in Network allows remote attackers to exploit heap corruption with web apps (medium severity)

CVE-2025-1426: Heap buffer overflow in GPU allows remote attackers to exploit heap corruption using special HTML pages (high severity)

Reply | Quote

Microsoft Edge Version 134.0.3124.51 release notes

This update contains the following Microsoft Edge specific security fixes:

CVE-2025-26643

Reply | Quote