MICROSOFT has found a ‘severe’ new vulnerability on Edge – here’s how to protect yourself.
A new zero-day flaw tracked as CVE-2022-2294 has been discovered on Microsoft Edge.
What is a ‘zero-day’ flaw?
“Zero-day” are vulnerabilities that have not yet been patched or fixed by software developers – meaning that they can be fully exploited by hackers and cybercriminals.
They often stem from unknown issues and are especially dangerous until coders can fix the problem.
Once a solution patch is written and used, the exploit is no longer called a zero-day exploit.
What about CVE-2022-2294?
This vulnerability in Microsoft’s Edge software leaves users open to hackers who can take control of their computers.
Experts believe the flaw originated from the Chromium project or the open-source code that Google’s Chrome browser utilizes, per Digital Trends.
Because Microsoft uses the same base code for its browser, the same bugs tend to affect both Edge and Chrome.
Most read in Tech
What has Microsoft done?
After uncovering the flaw in its software, Microsoft quickly administered an emergency patch on Thursday.
“This update contains a fix for CVE-2022-2294, which has been reported by the Chromium team as having an exploit in the wild,” the company said in the patch log.
The Edge build that plugged the hole is 103.0.1264.48, according to Tech Radar.
How can I protect myself?
For many users, the patch should’ve automatically taken effect in Edge.
However, this is not the case for everyone, and users are advised to check and update their software versions, immediately.
To make sure you’re running the latest version of Edge, head to the browser’s menu.
From there navigate down to Help and Feedback, then go to About Microsoft Edge.
If you’re not running the latest version, Microsoft will inform you on that page.
Should that be the case, simply click on the update, select Download and then hit Install.