Security Update Edge 86.0.622.63 released

Posted on 2020-11-05 by guenni

Edge[German]On November 4, 2020, Microsoft published a security advisory that refers to a security update of the Edge Browser. The browser must have been updated, but no information can be retrieved. Here is some information about this. Addendum: Details added.

Advertising

As a preliminary note a reference to my blog post  Edge 86.0.622.61 released published a few hours ago. There I had noted that it was unclear whether the vulnerabilities described by me on November 2, 2020 in the blog post Critical security update to Google Chrome 86.0.4240.183 had been closed. Checking for details was not possible, because Microsoft has a large scale disruption of their websites (see microsoft.com was down), which is still ongoing at the moment. So I can't retrieve the page  ADV200002.

Microsoft Security Advisory Nov. 4, 2020

I have just received the following security advisory from Microsoft by mail, which refers to the Edge security update.

****************************************************************
Title: Microsoft Security Advisory Notification
Issued: November 4, 2020
****************************************************************

Security Advisories Released or Updated on November 4, 2020
================================================================

* Microsoft Security Advisory ADV200002

 - ADV200002| Chromium Security Updates for Microsoft Edge based on Chromium
 - Reason for Revision: Updated advisory to announce a new version of Microsoft Edge 
   (Chromium-based). Please see the table for more information.
 - Originally posted: January 28, 2020
 - Updated: November 4, 2020
 - Version: 26.0

However, the security notice does not contain any details and the information page cannot be displayed.

Edge 86.0.622.63 released

The comments of the German readers here indicate that Microsoft Edge Version 86.0.622.63 must have been released on November 4, 2020. Regarding the fixed vulnerabilities  I refer to the blog post Critical security update to Google Chrome 86.0.4240.183.

Addendum: The update addresses the CVE-2020-16009 vulnerability reported and actively exploited by the Chromium team. The site ADV200002 works again and says, Edge 86.0.622.63 released on November 4, 2020 is based on Google Chrome 86.0.4240.183, as suspected above. The security update, rated High, addresses the following vulnerabilities:

Advertising

CVE-2020-16004CVE-2020-16005CVE-2020-16006CVE-2020-16007CVE-2020-16008CVE-2020-16009 *, CVE-2020-16011

Advertising
This entry was posted in browser, Security, Update and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).