Mar 29, 07:30 AM

Microsoft Edge Bug CVE-2024-21388 Allows Covert Installation, Patched in Version 121.0.2277.83 by Guardio Labs and Disclosure Team

A new report highlights that SASE solutions are inadequate without enterprise browser extensions. A Microsoft Edge bug could have allowed attackers to install malicious extensions covertly. The bug exploited a private API for marketing purposes, enabling the installation of browser extensions without user consent. Microsoft has since patched the flaw in version 121.0.2277.83, thanks to Guardio Labs and the responsible disclosure team.

#Microsoft Edge #Microsoft #Guardio Labs

Written with ChatGPT (GPT-3).

Sources

The Hacker News@TheHackersNews
2 years ago
Microsoft Edge patched a flaw (CVE-2024-21388) that let hackers install unwanted extensions without your say-so! Read more ➟ https://t.co/5mYjM2xk3H Fixed in version 121.0.2277.83. Kudos to the sharp eyes of Guardio Labs & the responsible disclosure team.
Nicolas Krassas@Dinosn
2 years ago
“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation https://t.co/CZeaIs3CAX
Nicolas Krassas@Dinosn
2 years ago
Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions https://t.co/2rvnMu4aJ9

Additional media

Image #1 for story microsoft-edge-bug-cve-2024-21388-allows-covert-installation

Microsoft Edge Bug CVE-2024-21388 Allows Covert Installation, Patched in Version 121.0.2277.83 by Guardio Labs and Disclosure Team

Sources

Additional media

Similar Stories