Operating System:

[Win]

Published:

22 November 2021

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2021.0242
       CVE-2021-43221 | Microsoft Edge (Chromium-based) Remote Code
                          Execution Vulnerability
                             22 November 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Microsoft Edge (Chromium-based)
Operating System: Windows
Impact/Access:    Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2021-43221  

OVERVIEW

        Microsoft has updated its Edge browser to include security fixes from the upstream Chromium project.
                
                Edge version: 96.0.1052.29
                Chromium version:  96.0.4664.45
                Date Released: 11/19/2021
                [1]


IMPACT

        The following vulnerabilities have been addressed:
        	
        CVE-2021-43221 


MITIGATION

        It is advised to update Edge to the latest release.


REFERENCES

        [1] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
            https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43221

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYZsn9eNLKJtyKPYoAQgrOA//R+rha1vMyuWk9R8ayUlMrh4O9U/s2KAF
Mf+zZe1/g6/+2EnwtEBJLGMF8fDijlt5Psj1+Qp1iunIBz3IHIijRzK91JC1humR
FGaJd4Vn7A4lWGHPD8sAKu2jsMvh4FkMUwzfXCNmHiUPW6Pn2nU/p3jYtDvshRa8
R20S8SY5fMdO9f6UiLrZlQVnuy15B0yG4v31xmYaEUK1WBCjUfSmyaUDKM7jR0Rw
PwX3Avwr6TwgyldCXkN9h98GkkTltSdsAR7HqNxr6LuDbV7Oq0Ft3kgdCTP3ZQ6N
um9RhdMzFPPYSUMYd5KuXAX56Vo36UoWjxD5MjN6y4KGjwhLfQaUVJJkYyVO1sPM
fA/dHmsQdMHmx7FS0Sp5N28Dq8+RhOkAa56EFnCs3KU823a5JiEbXcB6WZvxyhOO
fCqTD1Kb/Oi7Zfno57Y42rrmUUrAqLm3hIdbklZWIBtCLH4yOBv+jknAfH85bIKv
z0kGpotDfYIlQ8K9s2y+LLFYlL980XNdN/MJZdbuHiXY9Y+5DsdgDknbGQQDJTXZ
9o2mc3eju4eXQe6sMmwZn8VWAa7XoSr6DHcMgr4ScUT107esEJTxZh64cA4O8n6W
PORSbAYWwoQvVf7LFcGTQuWK+oZi9P5puc/tLU+JDhYuPwX/I4LBsphg4A5oXSDU
RTwbeAyzvxk=
=rNtb
-----END PGP SIGNATURE-----