Microsoft has updated the Edge browser in the stable channel to version 103.0.1264.71 as of July 22, 2022. It is a maintenance update that also includes a fix for the vulnerability CVE-2022-2294. Thanks to the user for pointing this out.
Advertising
The release notes don't give any more details about the update, except that CVE-2022-2294 is fixed. This is a rated critical vulnerability (buffer overflow in WebRTC) that has already been closed in Chrome. Google is aware that the vulnerability is being exploited in the wild. Bleeping Computer colleagues reported here that the vulnerability was exploited to infect and exploit journalists in the Middle East with the Candiru spyware. The primary source is this AVAST post.
The browser should update automatically, but can also be downloaded from the Edge site. Whether the download bug (see Microsoft Edge 103.0.1264.44 download bug: .crdownload files remains) has been fixed is open.
