Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2021.0112 Microsoft Security Update Releases 28 May 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Edge (Chromium-based) Operating System: Windows Linux variants Mac OS Impact/Access: Increased Privileges -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2021-31982 CVE-2021-31937 OVERVIEW The following Chrome CVEs have been released on May 27, 2021. These CVE were assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses these vulnerabilities. Please see Google Chrome Releases for more information. [1] Edge version: 91.0.864.37 [2] IMPACT The following vulnerability has been addressed: * CVE-2021-30521 * CVE-2021-30522 * CVE-2021-30523 * CVE-2021-30524 * CVE-2021-30525 * CVE-2021-30526 * CVE-2021-30527 * CVE-2021-30528 * CVE-2021-30529 * CVE-2021-30530 * CVE-2021-30531 * CVE-2021-30532 * CVE-2021-30533 * CVE-2021-30534 * CVE-2021-30535 * CVE-2021-30536 * CVE-2021-30537 * CVE-2021-30538 * CVE-2021-30539 * CVE-2021-30540 See Security Update Guide Supports CVEs Assigned by Industry Partners [3] for more information about third-party CVEs in the Security Update Guide. MITIGATION It is advised to update Edge to the latest release. REFERENCES [1] Google Chrome Releases https://chromereleases.googleblog.com/2021 [2] Security Update Guide https://msrc.microsoft.com/update-guide/en-us [3] Security Update Guide Supports CVEs Assigned by Industry Partners https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/ AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYLBVTuNLKJtyKPYoAQi/1xAAlX7uRZq4hRwYJwUJPsqagwzEMJENrlJO us41zozfM8Rup3cwI2mJNB+1upgOBtF7Atw0dkF5B4y0DoFnMCYi1SKc7+rSb7JS zfsFc9wYliu1md9Lqv1NWvWiaQskXl+Hy5mllidQ93mVQN2vK/yI7Dz7nZbS11QF ZKw5cpuOpow+SF9VNJApMpMsKyMgVxe0AgqtlW7KQlAlnot3ixctaFdB5j9ovxb2 w2v3PmmsqKWH8GvA2jAbgdH+a6B2Nk7oBCcQTytwmLcNilJop7FchPt9Xjve77se 2AwaHfVwq+J32H3i1iFDiwExz+HRlg5pqX/xlKujYDV9aWOXSlXqg0FGzsHb3Hlc mFXwgEpI70H2tTfeI0A7gozMby9I68cbcdEOrrJ5Y+y6B65aRppnJgQU7RX+z/Ak iatpUnRlN6pxQyIHArPl2YV3HAiMsjUjYr9sH1k4KdqlVZoFc88zVQC/0TxeYYsR FKpbodTNY1pY4PxYq7UZDEJmUG+NJwrdBqqhLwtPGPo/mpbT66VgLQ4LgqYL1e5a JJ8fHOtGo56SZDgA0jR+Rvq37KS6STkfhLGd1n1j51/waQmBPwOuEgy2Upb7Vu6z LYpSUUfnewzk+k3OxqfGxFjW69N8fIBVKSurAk/hyFq06O/qj3QbJ+K6PTH+1o2O VE2tD56bgok= =Mxwq -----END PGP SIGNATURE-----