===========================================================================
ZMCIRT Vulnerability Bulletin
ZMC-2021.11.18.0800
Microsoft Edge (Chromium-based): Execute arbitrary code/commands - Remote with user interaction
18th November 2021
===========================================================================
Product: Microsoft Edge (Chromium-based)
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2021-43221
OVERVIEW
Microsoft has updated its Edge browser to include security fixes from the upstream Chromium project.
Edge version: 96.0.1052.29
Chromium version: 96.0.4664.45
Date Released: 11/19/2021
[1]
IMPACT
The following vulnerabilities have been addressed:
CVE-2021-43221
MITIGATION
It is advised to update Edge to the latest release.
REFERENCES
[1] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43221
- --------------------------END INCLUDED TEXT--------------------
ZMCIRT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. ZMCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Internet Email: report@cirt.zm
Telephone: 7070
ZMCIRT personnel answer during Zambian business hours
which are 8am to 5pm.
On call after hours for member emergencies only.
===========================================================================
Copyright @2023 ZAMBIA CIRT