A day after Google released an emergency update for its Chrome web browser, Microsoft fixed the security issue in its Microsoft Edge web browser.
Google released an emergency security update to fix a 0 day security issue in the browser. The issue, rated as high severity, was reported to the company on March 23, 2022. Google said it was aware of attacks targeting the vulnerability in Chrome. The company did not provide details, such as the scope of the attacks or their targets.
Microsoft has released a security update for its Edge web browser that fixes the issue. Edge supports automatic updates, but these are not installed in real time on devices. Edge users can manually check for updates to install the security update as soon as possible.
- Open the Microsoft Edge web browser.
- Select Menu > Help & Feedback > About Microsoft Edge, or load edge://settings/help directly into the address bar.
The installed version is displayed on the page that opens and Edge will check for updates. The check should find the new version which brings the Edge version to 99.0.1150.55. The update is downloaded and installed automatically at this point, and a restart is required to complete the process. The update is available for all desktop operating systems supported by Edge.
Microsoft lists the issue as CVE 2022 1096 on its Security Vulnerability Tracking website, but does not provide additional information about the issue.
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which fixes this vulnerability. Please see Google Chrome versions for more information.
Google is aware that an exploit for CVE-2022-1096 exists in the wild.
The Microsoft Edge web browser is based on Chromium, the same core that Google’s Chrome web browser is based on. Most security issues that affect Google Chrome also affect other Chromium-based browsers, including Microsoft Edge, Vivaldi, Brave, or Opera.