微软于刚刚过去的周末为 Microsoft Edge 124 发布了安全更新(124.0.2478.97)。此次更新修复了两个安全漏洞,分别是 CVE-2024-30055 和 CVE-2024-30055,前者允许远程攻击者通过特制的 HTML 页面利用堆损坏,后者是 Microsoft Edge 独有的低严重性欺骗漏洞。两个漏洞均已被野外利用,因此 Edge 用户应尽快安装更新。
Microsoft has recently released a security update (version 124.0.2478.97) for Microsoft Edge 124 over the past weekend. This update addresses two security vulnerabilities, namely CVE-2024-30055 and CVE-2024-30055. The first vulnerability allows remote attackers to exploit heap corruption using specially crafted HTML pages, while the second vulnerability is a unique low severity deception vulnerability specific to Microsoft Edge. Both vulnerabilities have been exploited in the wild, so it is recommended that Edge users install the update as soon as possible.
微信扫一扫