Microsoft releases emergency security update for Edge
A day after Google released an emergency update for its Chrome web browser, Microsoft fixed the security issue in its Microsoft Edge web browser.
Google released an emergency security update to patch a 0-day security issue in the browser. The issue, rated with a severity of high, was reported to the company on March 23, 2022. Google noted that it is aware of attacks targeting the vulnerability in Chrome. The company did not provide specifics, e.g., on the scope of the attacks or its targets.
Microsoft published a security update for its Edge web browser that patches the issue. Edge supports automatic updates but these do not get installed in real-time on devices. Edge users may want to check for updates manually to install the security update as early as possible.
- Open the Microsoft Edge web browser.
- Select Menu > Help and Feedback > About Microsoft Edge, or load edge://settings/help directly in the address bar.
The installed version is displayed on the page that opens, and Edge will run a check for updates. The check should find the new version that brings Edge's version to 99.0.1150.55. The update is downloaded and installed automatically at this point, and a restart is required to complete the process. The update is available for all desktop operating systems that Edge supports.
Microsoft lists the issue under CVE 2022 1096 on its security vulnerabilities tracker website, but does not provide additional information on the issue.
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Google is aware that an exploit for CVE-2022-1096 exists in the wild.
The Microsoft Edge web browser is based on Chromium, the same core that Google's Chrome web browser is based on. Most security issues that affect Google Chrome do affect other Chromium-based browsers as well, including Microsoft Edge, Vivaldi, Brave or Opera.Advertisement