Update your Microsoft Edge Browser

  • CERT Admin
  • Tue Jun 29 2021
  • Alerts


Microsoft rolled out an update for the Edge browser to fix two security issues where one could allow an attacker to bypass security and perform arbitrary code


Universal cross-site scripting (UXSS) vulnerability (CVE-2021-34506) found in the Microsoft Edge browser which can be triggered when automatically translating web pages using the browser’s in-built feature called Microsoft translator. 

A successful exploit of this vulnerability would allow an attacker to bypass security and execute arbitrary codes on the target system. 


· Exposing sensitive information to unauthorized parties.

· Execute of unwanted/malicious programs/codes.

· Unauthorized access .


Solution/ Workarounds 

· Update to the latest version of (91.0.864.59) Microsoft Edge browser by visiting Settings and more > About Microsoft Edge 



· https://heimdalsecurity.com/blog/microsoft-edge-vulnerability-couldve-allowed-hackers-to-steal-files/ 

· https://portswigger.net/daily-swig/researcher-gives-low-down-on-serious-uxss-flaw-in-microsoft-edge 

· https://thehackernews.com/2021/06/microsoft-edge-bug-couldve-let-hackers.html 



The information provided herein is on an "as is" basis, without warranty of any kind. 


Last updated: Tue Jun 29 2021