[German]Microsoft released a security update for the Chromium Edge browser on 4 June 2020. The update to version 83.0.478.45 closes several vulnerabilities.
Advertising
According to ADV200002 Edge 83.0.478.45 closes the following vulnerabilities and is based on the Chromium version 83.0.4103.97:
- CVE-2020-6493: A use after free vulnerability in WebAuthentication allowed a remote attacker in Google Chrome prior to 83.0.4103.97 to possibly escape from the sandbox.
- CVE-2020-6494: A flaw in the security user interface for payment transactions in Google Chrome for Android prior to 83.0.4103.97 allowed a remote attacker to spoof the content of the omnibox (URL bar) via a crafted HTML page.
- CVE-2020-6495: Due to poor policy enforcement in Google Chrome developer tools prior to 83.0.4103.97, an attacker who tricked a user into installing a malicious Chrome extension could potentially cause a sandbox outbreak.
- CVE-2020-6496: A use after free vulnerability in Payments of Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox outbreak via a specially crafted HTML page.
The new Chromium Edge can be downloaded from this website as a web installer and here as a business full install.
Advertising