Microsoft Edge Vulnerability

Google reveals Edge flaw after Microsoft fails to meet deadline

Researchers at Google’s Project Zero unit dedicated to finding security vulnerabilities in software reported a flaw in Microsoft’s Edge browser in November 2017, but it still has not been patched.

Google’s Project Zero has gone public with another Microsoft security vulnerability after the software giant failed to issue a fix within allotted time

Project Zero has a controversial policy of giving software producers 90 days to fix any vulnerability its researchers find before going public, to ensure a swift response.

In November, Project Zero researchers discovered a flaw in Edge that, if exploited, could enable attackers to bypass Microsoft’s Arbitrary Code Guard (ACG) to inject and execute malicious code.

Microsoft is now reportedly expected to release patch to fix the issue on 13 March when its next monthly security update release is due.

Make sure your machine is up to date. If you’re worried about your computers security and want to make sure your machine is up to date, then give us a call on 01672 552340 or email us at support@jpitsolutions.co.uk.

 

Comments are closed.