Security
Headlines
HeadlinesLatestCVEs

Source

Microsoft Security Response Center

CVE-2022-0459: Chromium: CVE-2022-0459 Use after free in Screen Capture

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

Microsoft Security Response Center
Open in Source
#microsoft#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2022-0458: Chromium: CVE-2022-0458 Use after free in Thumbnail Tab Strip

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-0457: Chromium: CVE-2022-0457 Type Confusion in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-0456: Chromium: CVE-2022-0456 Use after free in Web Search

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-0455: Chromium: CVE-2022-0455 Inappropriate implementation in Full Screen Mode

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-0454: Chromium: CVE-2022-0454 Heap buffer overflow in ANGLE

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-0453: Chromium: CVE-2022-0453 Use after free in Reader Mode

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-0452: Chromium: CVE-2022-0452 Use after free in Safe Browsing

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 98.0.1108.43 2/3/2022 98.0.4758.80

CVE-2022-23258: Microsoft Edge for Android Spoofing Vulnerability

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 97.0.1072.69 1/20/2022 97.0.4692.99

CVE-2013-3900: WinVerifyTrust Signature Validation Vulnerability

**What is the result of opting into the stricter verification behavior?** Opting into the stricter verification behavior causes the WinVerifyTrust function to perform strict Windows Authenticode signature verification for PE files. After you opt in, PE files will be considered "unsigned" if Windows identifies content in them that does not conform to the Authenticode specification. This may impact some installers. If you are using an installer that is impacted, Microsoft recommends using an installer that only extracts content from validated portions of the signed file. **How can I enable the new signature verification behavior?** Customers who would like to enable the new Authenticode signature verification behavior can do so by setting a key in the system registry. When the key is set, Windows Authenticode signature verification will no longer recognize binaries with Authenticode signatures that contain extraneous information in the WIN\_CERTIFICATE structure. Customers can choose ...