Application security, Vulnerability Management, Patch/Configuration Management

Covert extension installation possible with Microsoft Edge flaw

Start Microsoft Edge app on windows os in screen macro close up view

Potential cyberattacks facilitated by covertly installed browser extensions could have been deployed with the exploitation of an already addressed medium-severity privilege escalation vulnerability in Microsoft Edge, according to The Hacker News.

Threat actors could leverage the flaw, tracked as CVE-2024-21388, to target private APIs, install unwanted browser extensions without any user consent and interaction, and trigger a sandbox escape intrusion, a report from Guardio Labs showed. While there has been no evidence suggesting any active exploitation, such a security issue could be used to enable malicious JavaScript code injections on sites with API access, including bing[.]com, said the report.

"It's relatively easy for attackers to trick users into installing an extension that appears harmless, not realizing it serves as the initial step in a more complex attack. This vulnerability could be exploited to facilitate the installation of additional extensions, potentially for monetary gain," said Guardio Labs researcher Oleg Zaytsev.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.