Latest securtity update for Microsoft Edge fixes actively exploited vulnerability

Microsoft often pushes updates to its Edge browser to patch bugs, improve performance, and keep up with Chromium security fixes. Yesterday, Microsoft Edge version 136.0.3240.76 landed, which focuses on fixing bugs and patching critical security vulnerabilities.

Microsoft Edge fixes a high-severity security flaw that was being exploited

Microsoft Edge version 136.0.3240.76 focuses on patching critical security vulnerabilities, including one that’s already being exploited. The latest Edge update comes with a security fix for CVE-2025-4664. Microsoft says it “has been reported by the Chromium team as having an exploit in the wild.”

The CVE website details the issue in simple words and notes that the flaw “allowed a remote attacker to leak cross-origin data via a crafted HTML page.”

Well, the Edge 136.0.3240.76 version also fixes another vulnerability (CVE-2025-4609). There aren’t any details about this one, but it also originates from Chrome and is related to “incorrect handle provided in unspecified circumstances in Mojo.”

This update comes a week after a minor update fixed the broken Microsoft Editor spellchecker and added a few other security fixes. Earlier this week, many users were quite frustrated when Edge 137 rolled out to the Beta Channel, as it removed several useful features. Thankfully, the Edge 136.0.3240.76 update doesn’t take away anything.

Not to forget, Edge updates automatically in the background. But if you want to force the update now, copy and paste “edge://settings/help” to the URL bar of the Edge browser. Lastly, make sure to restart the browser to complete the installation.