Indian govt warns against Microsoft Edge bugs that could let hackers steal data: How to stay safe

The Indian government has issued a warning to the users of Microsoft's Edge web browsers over multiple vulnerabilities that could lead to users' data getting stolen by hacker. The government's cyber security wing, Indian Computer Emergency Response Team, has listed a series of bugs that can be exploited by hackers to their advantage. According to the details shared by India's cyber security agency, these bugs can be used by cyber criminals to bypass the browser's security and 'execute arbitrary code on the targeted system'.

CERT-In, in its warning, said that a cybercriminal could exploit the vulnerabilities in Microsoft Edge simply by sending a special request. This, in turn, would let hackers to gain access to the targeted system, which can then be used for stealing user data.

"These vulnerabilities exist in Microsoft Edge due to insufficient data validation in Mojo, inappropriate implementation in V8 and integer overflow in layout. A remote attacker could exploit these vulnerabilities by sending a specially crafted request to the targeted system," CERT-In wrote in its warning.

What are Microsoft Edge vulnerabilities and how do they affect users?

CERT-In highlighted three vulnerabilities pertaining to Microsoft Edge. The first vulnerability, CVE-2024-7025, pertained to the integer overflow in Edge layout, while the second vulnerability, CVE-2024-9369, lead to insufficient data validation in Mojo. The third vulnerability, CVE-2024-9370, lead to inappropriate implementation in V8.

Simply put these bugs could lead cyber criminals to send a special request to Microsoft Edge to trick into implementing a harmful code. This code, based on what it is programmed to do, could give hackers unauthorised access over the targeted system and ultimately user data.

Who is affected by the Microsoft Edge vulnerabilities?

All the users running Microsoft Edge prior to version 129.0.2792.79 are affected by these bugs.

How can Microsoft Edge users safeguard themselves?

Microsoft Edge users can protect themselves from these vulnerabilities by downloading the latest version of the web browser on their PCs. Microsoft says that it has released "Microsoft Edge Stable Channel (Version 129.0.2792.79) and Microsoft Edge Extended Stable Channel (128.0.2739.107) which incorporate the latest updates of the Chromium project" and fixes these bugs.