Microsoft has released a security update to address vulnerabilities in the Microsoft Edge Stable Channel. The update is intended to address CVE-2023-2136, which has an available exploit, according to Microsoft.
Microsoft has provided a web link for users and administrators to review and apply the necessary update.
CVE-2023-2136 is a vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. It is a type confusion vulnerability that exists in the Chakra scripting engine of Microsoft Edge.
Successful exploitation of this vulnerability could enable an attacker to take control of an affected system and install programs, view, change, or delete data, or create new accounts with full user rights.
The Cyber Centre encourages users and administrators to apply the necessary update to Microsoft Edge Stable Channel to mitigate the vulnerability. Failure to apply the update could result in an attacker successfully exploiting the vulnerability and gaining control of the affected system.
Therefore, users and administrators are advised to review and apply the update as soon as possible to reduce the risk of exploitation.
