Vivaldi and Microsoft patch 0-day vulnerability in their browsers

Martin Brinkmann
Apr 16, 2022
Microsoft Edge, Vivaldi
|
5

Vivaldi and Microsoft have released updates for their web browsers that address security issues, including one that is exploited actively in the wild.

Vivaldi Technologies announced the release of a minor update for the desktop version of the Vivaldi web browser on April 15, 2022. The new version of the web browser is available already and is downloaded and installed automatically on most devices.

Vivaldi users may speed up the installation of the update by selecting Vivaldi Menu > Help > Check for Updates. The page that opens displays the current version that is installed; a newer version is downloaded and installed automatically at this point, if available.

The release announcement on the Vivaldi website is short, but to the point:

[Chromium] Upgraded to 100.0.4896.133 (includes fix for CVE-2022-1364)

Vivaldi released five minor updates for version 5.2 of the browser, which it released in early April 2022.

Microsoft published an update for the desktop version of its Microsoft Edge web browser as well. The update is available already and should be distributed to most devices running Edge automatically.

microsoft edge 0-day

Edge users may speed up the installation of the update by loading edge://settings/help in the browser's address bar. The page that opens displays the installed version. A check for a newer version is performed automatically on page open, and any new version that is found is downloaded and installed automatically.

The release notes for Microsoft Edge 100.0.1185.44 confirm that the update includes the security fix for the Chromium vulnerability that is exploited in the wild:

This update contains a fix for CVE-2022-1364, which has been reported by the Chromium team as having an exploit in the wild. For more information, see the Security Update Guide.

Microsoft notes that the update includes a fix for the Edge-specific vulnerability as well. The vulnerability, CVE-2022-29144, fixes an elevation of privilege vulnerability in Microsoft's browser. The Edge-specific issue is not exploited actively according to Microsoft.

Google released a security update for its Chrome web browser as well to address the security issues.

Summary
Vivaldi and Microsoft patch 0-day vulnerability in their browsers
Article Name
Vivaldi and Microsoft patch 0-day vulnerability in their browsers
Description
Vivaldi and Microsoft have released updates for their web browsers that address security issues, including one that is exploited actively in the wild. 
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. ilev said on April 17, 2022 at 6:29 pm
    Reply

    Microsoft fixed in Edge :

    CVE-2022-29144
    CVE-2022-1364
    * CVE-2022-1305
    * CVE-2022-1306
    * CVE-2022-1307
    * CVE-2022-1308
    * CVE-2022-1309
    * CVE-2022-1310
    * CVE-2022-1312
    * CVE-2022-1313
    * CVE-2022-1314

  2. Nam said on April 17, 2022 at 3:49 pm
    Reply

    ??????? Vivaldi ????? ?????? ? ?????????????, ????? ????????? ??????? ? ??????.

  3. Another said on April 16, 2022 at 6:36 pm
    Reply

    Brave makes me laugh. Your privacy winner, and security, big question mark.

    1. Iron Heart said on April 17, 2022 at 11:40 am
      Reply

      @Another

      Dude, what are you talking about? Brave patched CVE-2022-1364 on April 15th, 2022, one day before you wrote your uninformed comment:

      https://github.com/brave/brave-browser/releases/tag/v1.37.116

      https://www.realmicentral.com/2022/04/15/chrome-100-0-4896-127-closes-critical-vulnerability-that-is-already-being-exploited/

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.