Microsoft Edge browser (130.0.6723.59) security update advisory

Overview

 

Microsoft (https://www.microsoft.com) has released a security update that fixes vulnerabilities in its products. Users of affected products are advised to update to the latest version.

 

Affected Products

 

Microsoft Edge (Chromium-based) versions prior to 130.0.2849.46

Microsoft Edge versions prior to 130.0.6723.59

 

Resolved Vulnerabilities

 

Use-after-free vulnerability in the AI feature in Microsoft Edge (Chromium-based) (CVE-2024-9954)

Use-after-free vulnerability in the Dawn feature in Microsoft Edge (Chromium-based) (CVE-2024-9960)

Use-after-free vulnerability in the DevTools feature in Microsoft Edge (Chromium-based) (CVE-2024-9959)

Insufficient data validation vulnerability in the DevTools feature in Microsoft Edge (Chromium-based) (CVE-2024-9965)

Insufficient data validation vulnerability in the Downloads feature in Microsoft Edge (Chromium-based) (CVE-2024-9963)

Improper implementation vulnerability in the Navigations feature in Microsoft Edge (Chromium-based) (CVE-2024-9966)

Use-after-free vulnerability in the Parcel Tracking feature in Microsoft Edge (Chromium-based) (CVE-2024-9961)

Improper implementation vulnerability in the Payments feature in Microsoft Edge (Chromium-based) (CVE-2024-9964)

Improper implementation vulnerability in the Permissions feature in Microsoft Edge (Chromium-based) (CVE-2024-9962)

Improper implementation vulnerability in the PictureInPicture feature in Microsoft Edge (Chromium-based) (CVE-2024-9958)

Use-after-free vulnerability in the UI feature in Microsoft Edge (Chromium-based) (CVE-2024-9957)

Use-after-free vulnerability in the Web Authentication feature in Microsoft Edge (Chromium-based) (CVE-2024-9955)

Improper implementation vulnerability in the Web Authentication feature in Microsoft Edge (Chromium-based) (CVE-2024-9956)

Low-severity spoofing vulnerability in Microsoft Edge (Chromium-based) (CVE-2024-43580)

Low-severity remote code execution vulnerability in Microsoft Edge (Chromium-based) (CVE-2024-43587)

Moderate-severity remote code execution vulnerabilities in Microsoft Edge (Chromium-based) (CVE-2024-43595, CVE-2024-49023, CVE-2024-43578)

Critical-severity remote code execution vulnerabilities in Microsoft Edge (Chromium-based) (CVE-2024-43566, CVE-2024-43596, CVE-2024-43579)

 

Vulnerability Patches

 

With the October 17, 2024 update, product-specific vulnerability patches were made available as follows. Please use the Windows Update feature for automatic installation, or refer to the URLs in the product information below to download and install them.

Microsoft Edge (Chromium-based) version 130.0.2849.46

Microsoft Edge version 130.0.6723.59

https://msrc.microsoft.com/update-guide/