Microsoft releases Edge 125.0.2535.85 to Stable Channel and brings fixes for 7 Chromium vulnerabilities 

The update came out on June 3, 2024

Reading time icon 3 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Microsoft releases Edge 125.0.2535.85 to Stable Channel and brings fixes for 7 Chromium vulnerabilities 

Microsoft Edge 125.0.2535.85 was released to the Stable channel, and several bugs and performance issues were fixed. The update also included fixes to seven Chromium vulnerabilities

Here is the changelog mentioned in the release notes for Edge 125.0.2535.85 :

Fixed various bugs and performance issues.

Stable channel security updates are listed here.

Announcement

Microsoft Defender Application Guard extension deprecation. Because Application Guard is deprecated, there won’t be a migration to Edge Manifest V3. The corresponding extensions and associated Windows Store app will not be available after May 2024. This affects the following browsers: Application Guard Extension – Chrome and Application Guard Extension – Firefox. If you want to block unprotected browsers until you’re ready to retire MDAG usage in your enterprise, we recommend using AppLocker policies or Microsoft Edge management service. For more information, see Microsoft Edge and Microsoft Defender Application GuardDeprecated features in the Windows client – What’s new in Windows, and Microsoft Defender Application Guard – Windows Security.

Here are the security vulnerabilities that were fixed in the Edge 125.0.2535.85 update with their detailed description:

Security vulnerabilities DescriptionChromium security severity
CVE-2024-5493Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to exploit heap corruption via a crafted HTML page potentially.High
CVE-2024-5494Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to exploit heap corruption via a crafted HTML page potentially.High
CVE-2024-5495Use after free in Dawn in Google Chrome before 125.0.6422.141 allowed a remote attacker to exploit heap corruption via a crafted HTML page potentiallyHigh
CVE-2024-5496Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. High
CVE-2024-5497Out-of-bounds memory access in Keyboard Inputs in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML pageHigh
CVE-2024-5498Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pageHigh
CVE-2024-5499Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. High

To install the latest Microsoft Edge update, go to Menu>Help and Feedback > About Microsoft Edge. You can also launch Edge and type edge://settings/help in the address bar.

You can also download Microsoft Edge Edge 125.0.2535.85 (64-bit) 170.0 MB or (32-bit) 155.0 MB from the official website. To learn about Microsoft 125 and the features included, read this guide.

What do you think about Microsoft Edge 125.0.2535.85? Share your opinions with our readers in the comments section below.

More about the topics: microsoft edge browser

User forum

0 messages