[German]Microsoft has published a security advisory on May 31, 2022, to point out various closed vulnerabilities in the Chromium Edge browser. At the end of the month, Edge version 102.0.1245.30 was released to fix 24 vulnerabilities.
Edge 102.0.1245.30 (stable) is maintenance update, which according to the release notes, closes (24) vulnerabilities in the Chromium base, but also fixes the following three, Edge-specific, vulnerabilities:
- CVE-2022-26905: Microsoft Edge (Chromium-based) Spoofing Vulnerability, Aggregate CVE Severity Rating: Low
- CVE-2022-30127: Microsoft Edge (Chromium-based) Elevation of Privilege, Aggregate CVE Severity Rating: Moderate
- CVE-2022-30128: Microsoft Edge (Chromium-based) Elevation of Privilege, Aggregate CVE Severity Rating: Moderate
The following vulnerabilities were fixed in the Chromium part:
* CVE-2022-1853 * CVE-2022-1854 * CVE-2022-1855 * CVE-2022-1856 * CVE-2022-1857 * CVE-2022-1858 * CVE-2022-1859 * CVE-2022-1862 * CVE-2022-1863 * CVE-2022-1864 * CVE-2022-1865 * CVE-2022-1867 * CVE-2022-1868 * CVE-2022-1869 * CVE-2022-1870 * CVE-2022-1871 * CVE-2022-1872 * CVE-2022-1873 * CVE-2022-1874 * CVE-2022-1875 * CVE-2022-1876
Furthermore, Edge developers have introduced the following new policies:
- AllHttpAuthSchemesAllowedForOrigins – List of origins that allow all HTTP authentication
- OutlookHubMenuEnabled – Allow users to access the Outlook menu
- NetworkServiceSandboxEnabled – Enable the network service sandbox
- UserAgentClientHintsGREASEUpdateEnabled – Control the User-Agent Client Hints GREASE Update feature
The browser should be updated automatically, but can also be downloaded from the Edge site.
Addendum: I received feedback from my German readers (see also the comment below), that Edge has PDF printing issues after upgrading to version 102. Currently only German readers are affected – didn't found international users who are reporting this. Therefore here is the link to my German follow up article Microsoft Edge 102.0.1245.30 erzeugt Fehler beim PDF-Drucken. Will write an English article, if I receive reports from international users.
Well… my entire org can't print PDFs, now. Not like we don't avg 10-20,000 prints per damn day or anything (load tags on shipments) und auf Nachfrage kam die Umgebung: Windows 11 Enterprise 22000.708 Language is English (Regional: English).
If you are affected, post also your Windows 10/11 Build in a comment. On Twitter I got the 2nd answer from the above admin:
Got a call from Microsoft support and they confirmed they know about this issue and the GPO setting is the "fix" for now and they are working on further mitigation and/or a patch. This IS related to the PDF security fixes put in place on this build…
The GPO settings are described within this comment in my German blog.
In our case, the GPO setting "Microsoft Edge / Print / Print via system print dialog box" had to be set to not configured, i.e. that the Edge print dialog box is displayed.
Cookies helps to fund this blog: Cookie settings