{"id":14529,"date":"2020-05-22T17:02:52","date_gmt":"2020-05-22T15:02:52","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14529"},"modified":"2022-10-02T01:27:31","modified_gmt":"2022-10-01T23:27:31","slug":"sicherheitsupdate-chromium-edge-83-0-478-37","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/05\/22\/sicherheitsupdate-chromium-edge-83-0-478-37\/","title":{"rendered":"Security update Chromium Edge 83.0.478.37"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" title=\"Edge\" style=\"border-left-width: 0px; border-right-width: 0px; border-bottom-width: 0px; float: left; margin: 0px 10px 0px 0px; display: inline; border-top-width: 0px\" border=\"0\" alt=\"Edge\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2020\/01\/Edge.jpg\" width=\"65\" align=\"left\" height=\"67\"><\/a>[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/05\/22\/sicherheitsupdate-chromium-edge-83-0-478-37\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Microsoft released a security update for the Chromium Edge browser on 21 May 2020. The update to version 83.0.478.37 fixes an Elevation of Privilege vulnerability that is considered moderate.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg04.met.vgwort.de\/na\/ec826981a1964f169dc9309064b261b1\" width=\"1\" height=\"1\">According to <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV200002\" target=\"_blank\" rel=\"noopener noreferrer\">ADV200002<\/a>, Edge 83.0.478.37 closes subsequent vulnerabilities and is based on Chromium version 83.0.4103.61:<\/p>\n<p><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6465\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6465<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6466\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6466<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6467\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6467<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6468\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6468<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6469\">CVE-2020-6469<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6470\">CVE-2020-6470<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6471\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6471<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6472\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6472<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6473\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6473<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6474\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6474<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6475\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6475<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6476\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6476<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6478\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6478<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6479\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6479<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6480\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6480<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6481\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6481<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6482\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6482<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6483\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6483<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6484\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6484<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6486\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6486<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6487\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6487<\/a>, <br \/><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6488\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6488<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-6489\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6489<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-640\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-6490<\/a><\/p>\n<p>The new Chromium Edge can be downloaded from <a href=\"https:\/\/www.microsoft.com\/de-de\/edge\" target=\"_blank\" rel=\"noopener noreferrer\">this website<\/a> as a web installer and <a href=\"https:\/\/www.microsoft.com\/en-us\/edge\/business\/download\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a> as a Buisness-Full-Install.&nbsp; <\/p>\n<blockquote>\n<p>Bodgan Popa published <a href=\"https:\/\/web.archive.org\/web\/20200617162530\/https:\/\/news.softpedia.com\/news\/microsoft-releases-microsoft-edge-83-with-auto-profile-switching-extension-sync-530051.shtml\" target=\"_blank\" rel=\"noopener noreferrer\">this article<\/a> about the Chromium Edge 83 on Softpedia. There you can also find a changelog..<\/p>\n<\/blockquote>\n<h2>Vulnerability CVE-2020-1195 in Edge<\/h2>\n<p>There is also an Elevation of Privilege vulnerability in the Edge Browser (<a href=\"https:\/\/web.archive.org\/web\/20201028165301\/https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1195\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-1195<\/a>). Microsoft informed me yesterday via Security Advisory about this vulnerability. The vulnerability in Microsoft Edge (chrome-based) exists because the feedback extension validates input improperly. An attacker who successfully exploited this vulnerability could write files to arbitrary locations and gain elevated privileges.<\/p>\n<p>However, the vulnerability does not allow the execution of arbitrary code. However, this vulnerability could be exploited in conjunction with one or more vulnerabilities (e.g., a remote code execution vulnerability and another Privilege Escalation vulnerability) to exploit the elevated privileges during execution.<\/p>\n<p>A security update to version 83.0.478.37 fixes the vulnerability by changing the validation of files through the Microsoft Edge (Chromium-based) feedback extension.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft released a security update for the Chromium Edge browser on 21 May 2020. The update to version 83.0.478.37 fixes an Elevation of Privilege vulnerability that is considered moderate.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[872,580,1547,22],"tags":[320,195],"class_list":["post-14529","post","type-post","status-publish","format-standard","hentry","category-browser","category-security","category-software","category-update","tag-edge","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14529","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14529"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14529\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14529"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14529"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14529"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}