Microsoft has released an updated version of its Edge browser. The vulnerability is a privilege escalation bug tracked as CVE-2023-36741 with a CVSS Score of 8.3 affecting versions prior to 116.0.1938.62.
An unauthorized remote attacker can exploit this vulnerability, which requires the interaction of the user.
Microsoft has not provided any additional details about this vulnerability which limits the current knowledge about this vulnerability. There is no known exploit code available for this vulnerability.
During the previous release notes on August 21, 2023, Microsoft patched two vulnerabilities CVE-2023-38158 & CVE-2023-36787. These vulnerabilities are classified as information disclosure and elevation of privileges patched in the versions Microsoft Edge Stable and Extended Stable Channel Version 116.0.1938.54.
Now, Microsoft has patched only one elevation of privileges vulnerability, which is the 4th patch update this month. As of the month of July, only two release notes were released.
Users of Chromium-based Microsoft Edge are recommended to upgrade to the latest version in order to fix this vulnerability and prevent exploitation