Microsoft Edge Elevation of Privilege Vulnerability

An elevation of privilege vulnerability has been identified in the update mechanism of Microsoft Edge (Chromium-based). This vulnerability allows an attacker to gain elevated privileges on the affected system, potentially leading to unauthorized actions that could compromise user data and system integrity.

Impact

Exploitation of this vulnerability could allow an attacker to gain elevated privileges, enabling unauthorized actions that could disrupt system integrity or compromise user data.

Remediation

A mitigation script is available that disables the vulnerable update mechanism. This script stops and disables the Edge update services, renames the update executable to prevent it from being launched, and disables automatic updates by modifying the Windows Registry. The script also applies access control rules to prevent non-administrative users from modifying the update executable.