Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2020.0034 Chromium Security Updates for Microsoft Edge v80.0.361.48 10 February 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Edge Operating System: Windows Mac OS Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2020-6417 CVE-2020-6416 CVE-2020-6415 CVE-2020-6414 CVE-2020-6413 CVE-2020-6412 CVE-2020-6411 CVE-2020-6410 CVE-2020-6409 CVE-2020-6408 CVE-2020-6406 CVE-2020-6405 CVE-2020-6404 CVE-2020-6402 CVE-2020-6401 CVE-2020-6400 CVE-2020-6399 CVE-2020-6398 CVE-2020-6397 CVE-2020-6396 CVE-2020-6395 CVE-2020-6394 CVE-2020-6393 CVE-2020-6392 CVE-2020-6391 CVE-2020-6390 CVE-2020-6389 CVE-2020-6388 CVE-2020-6387 CVE-2020-6385 CVE-2020-6382 CVE-2020-6381 CVE-2019-19926 CVE-2019-19925 CVE-2019-19923 CVE-2019-19880 CVE-2019-18197 Member content until: Wednesday, March 11 2020 Reference: ESB-2019.3966 ESB-2019.3929 OVERVIEW Microsoft has updated its Edge browser to include security fixes from the upstream Chromium project. Edge version: 80.0.361.48 Chromium version: 80.0.3987.87 This fixes 37 vulnerabilities, with a highest severity of High. [1] IMPACT The following vulnerabilities have been addressed: CVE-2020-6381 CVE-2020-6382 CVE-2019-18197 CVE-2019-19926 CVE-2020-6385 CVE-2019-19880 CVE-2019-19925 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389 CVE-2020-6390 CVE-2020-6391 CVE-2020-6392 CVE-2020-6393 CVE-2020-6394 CVE-2020-6395 CVE-2020-6396 CVE-2020-6397 CVE-2020-6398 CVE-2020-6399 CVE-2020-6400 CVE-2020-6401 CVE-2020-6402 CVE-2020-6404 CVE-2020-6405 CVE-2020-6406 CVE-2019-19923 CVE-2020-6408 CVE-2020-6409 CVE-2020-6410 CVE-2020-6411 CVE-2020-6412 CVE-2020-6413 CVE-2020-6414 CVE-2020-6415 CVE-2020-6416 CVE-2020-6417 [1] MITIGATION Microsoft advises updating Edge to version 80.0.361.48 or later. [1] REFERENCES [1] Chromium Security Updates for Microsoft Edge based on Chromium https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXkC2j2aOgq3Tt24GAQiFdw//dscavneEthy9OBHSDCVDNQRd6FcPfaxN V1xxb8C/wvGtM/032nTWz49DITbsS2MMCV0z50A6j88TxasrCwrBJRd9VipoQE4I zfdjqmHVsKxAY3iDfDQ5xRXYu3Ijccre2TDOj6n2Avt51ztnMaCQq+k5MMX1wnW0 iNn/eQXdhtLEgKgGibGXBN2Tvn+Ee4dH0ky4WYmDUiEkvMa/6u8ZLcm0CgCSG9kI 5X/YNeC0C8AkiN7qE3ueDjc0Cbyh9wwFPEwiwtHlcv5AwqUxHyYkPMwiJu2P2AHB 6NGLBelazr9Z70VYQzcNhUuP67wmp8yeJZiXUfO/Td/68A/8eHt+ildfDlacellQ d1AEnzAM+E/dw+KLR5wQSTbXWgad3h5+CBTDL8UEjkRmvE1LMhK2nPU/M849bqxU bVx2VDer8963L3H3P6jg0y0MPH8ivCHySJlbql2xmta2UTGkQO/DJTu5N5U21udO QKErUDmgCHVhvQUZ1RQDTs3ZCQ4tmhLHFhIeuJJHgChTfGVH9Ho3hvTD/5iqd+1b oiLcN1cz8dysd/1KqYc+aEQFHbqJ2FJbUOVi9RM9eIpOCzH4VVdgDCdci5KnHoQL 4dyR7ZHdQiWwNiEXXSruwaFTNU9TTrXDp34cvPdxPfkbpNTBBfGrknJhZ/Lh1VKT xg1MxPFqs9Y= =7+ld -----END PGP SIGNATURE-----