Operating System:

[WIN]

Published:

05 March 2020

Protect yourself against future threats.

//Service

Sensitive Information Alert

Alert notification provided via email for sensitive material found online by our analyst team which specifically targets your organisation.

Read more
Resources > Security Bulletins > ASB-2020.0053 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2020.0053
 ADV200002 | Chromium Security Updates for Microsoft Edge (Chromium-Based)
                               5 March 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Microsoft Edge
Operating System:     Windows
Impact/Access:        Reduced Security -- Remote with User Interaction
Resolution:           Patch/Upgrade
Member content until: Saturday, April  4 2020
Reference:            ASB-2020.0052

OVERVIEW

        Microsoft has updated its Edge browser to include security fixes from
         the upstream Chromium project.        
        
        Edge version: 80.0.361.66
        Chromium version: 80.0.3987.132
        Date Released: 3/4/2020


IMPACT

        The following vulnerabilities have been addressed:
        
        CVE-2020-6420 [1]


MITIGATION

        It is advised to update Edge to version 80.0.361.66 or later.


REFERENCES

        [1] ADV200002 | Chromium Security Updates for Microsoft Edge
            (Chromium-Based)
            https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXmCG/GaOgq3Tt24GAQh/Xw/9GPqYgM3PQTd91cJs6wSjhY8OvRrQff5Y
ip+qoR/LGUyxH/t3jTW6chgk8pizkTktxCnKH/aMcRZN3mEjXlhiKU4OgNxcsB2K
xZLWs8Su6CbbKPbp1862XygSSqgvh4ozmPdn4BfkcKS+ag7JCLySzqf3esoPqbTF
Ud8QofU3DN/8t5geUVZVtuktQgkUzYY/6+dmEF+gaB0IrU4ajJ7zaxBWRgoJoTlg
3p/5tgO6y/PzhrJP4daBiKvYjyxShZaJu3pMVrKTPa3KbvFFhm9NApCTyLPLvewU
9t6jwA184zhxzFXpidqZVG96973ElX+VHo7ve4NLN6RDe6AlBLOjmg9QgNYNKZsa
r7RH5Sap+6nCop5CcewDUfhJhhT666a78FABnnFJK5G0pwH3QCQpEf52qaHDgJXX
XF8Ap5JecfuW+pIzRVy5EnYXyu82KLCIlFFOdymZnUJcDj+de54eyNU4szy8+C7J
9CcA7T2hifuHifKWoZx864vuR/3/d7bmDDNxGvhZ7z/YMwKt3AdZFord4IeBiShu
CS8rPIqxaqp/XN2icM0g/YitNuVojbHbP3xHuLCSIP8thoDLDVI4hnBO/cVWgA3h
EJq641GCZ+uVe/M8QlXKf0LbrK8HTPiSlOZDXdns144CkPmK56RMpYpyz+R4M1y/
KfcLHj0tLJU=
=OWMy
-----END PGP SIGNATURE-----