KLA12513
Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in BFCache can be exploited to cause denial of service or execute arbitrary code.
2. Implementation vulnerability in full screen can be exploited to cause denial of service.
3. Type confusion vulnerability in V8 can be exploited to cause denial of service.
4. Use after free vulnerability in storage can be exploited to cause denial of service or execute arbitrary code.
5. An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
6. Use after free vulnerability in tab groups can be exploited to cause denial of service or execute arbitrary code.
7. Implementation vulnerability in compositing can be exploited to cause denial of service.
8. Use after free vulnerability in regular expressions can be exploited to cause denial of service or execute arbitrary code.
9. Security vulnerability in developer tools area can be exploited to bypass security restrictions.

Microsoft Edge (Chromium-based)

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2022-1308
CVE-2022-1307
CVE-2022-1364
CVE-2022-1305
CVE-2022-29144
CVE-2022-1313
CVE-2022-1306
CVE-2022-1310
CVE-2022-1309
CVE-2022-1312
CVE-2022-1314