Geeks for your information
Microsoft Edge 101 patches 25 security issues - Printable Version

+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Browsers News & Tips (https://www.geeks.fyi/forumdisplay.php?fid=109)
+--- Thread: Microsoft Edge 101 patches 25 security issues (/showthread.php?tid=17229)



Microsoft Edge 101 patches 25 security issues - harlan4096 - 30 April 22

Quote:Microsoft Edge 101 stable is now available. The new version of Microsoft's cross-platform web browser patches 25 security issues and includes several non-security related improvements.

[Image: microsoft-edge-101-release.png]

Desktop users may select Menu > Help and Feedback > About Microsoft Edge, or load edge://settings/help directly in the browser's address bar, to display the current version of the browser. Edge runs a check for updates when the page is opened, and the new update should be downloaded and installed at this point.

Also of interest: Microsoft is testing a browser proxy in Edge currently.

Microsoft Edge 101

Microsoft Edge 101.0.1210.32 patches 25 different security issues in the browser. The majority address issues in Chromium, the core that Microsoft's browser shares with browsers such as Google Chrome, Brave, Vivaldi or Opera.

Two vulnerabilities, CVE-2022-29146 and CVE-2022-29147, are Edge-specific. The first has a severity rating of moderate and successful exploitation could lead to a browser sandbox escape. The second has a severity rating of low, and it could lead to a spoofing attack. Both vulnerabilities require "user interaction or preconditions", and that is the reason why Microsoft reduced the exploitation rating.

The official release notes highlight non-security changes and improvements in Edge 101. Here is a quick overview of important changes. Please note that not all of them may be available yet on all systems:
  • An Apps icon can be added to the favorites bar to launch Progressive Web Apps directly from the toolbar.
  • An option to clear remembered certificates to get the certificate picker to reappear for a site is now supported.
  • The ability to configure shared cookies between Microsoft Edge and Internet Explorer is now available in the Enterprise site list.
  • The ControlDefaultStateOfAllowExtensionFromOtherStoresSettingEnabled policy supports setting a default state for the "allow extensions from other stores" preference.
  • The EdgeDefaultProfileEnabled policy supports setting a specific profile as the default profile when the browser is opened.
Several policies have been added in Edge 101:
  • ConfigureKeyboardShortcuts - Configure the list of commands for which to disable keyboard shortcuts
  • ControlDefaultStateOfAllowExtensionFromOtherStoresSettingEnabled - Configure default state of Allow extensions from other stores setting
  • EdgeAssetDeliveryServiceEnabled - Allow features to download assets from the Asset Delivery Service
  • EdgeDefaultProfileEnabled - Default Profile Setting Enabled
  • InternetExplorerModeEnableSavePageAs - Allow Save page as in Internet Explorer mode
  • KioskSwipeGesturesEnabled - Swipe gestures in Microsoft Edge kiosk mode enabled
  • MicrosoftOfficeMenuEnabled - Allow users to access the Microsoft Office menu
  • SiteSafetyServicesEnabled - Allow users to configure Site safety services
Closing words

Microsoft Edge 101 is a security update first and foremost that addresses 25 different security issues in the browser. The update will roll out to most systems automatically in the coming days and weeks, but administrators may speed up the process using the method described above.

Now You: do you use Microsoft Edge?
...
Continue Reading