Microsoft Edge Browser Vulnerability Allowed Hackers to Silently Install Malicious Extensions

Microsoft Edge Browser Vulnerability Allowed Hackers to Silently Install Malicious Extensions

The now-patched vulnerability, marked as CVE-2024-26246, was identified in the Chromium-based Microsoft Edge.

This security flaw would have let attackers bypass the browser’s security mechanism allowing them to stealthy installing of malicious extensions.

Edge, a Personal Concern

I would like to explain my concern here, because every time I hear about Microsoft Edge, I hear Internet Explorer. I can’t help it.

Yes, it’s based on Chromium, and yes in theory, it should work just as well. I’m fully aware that even Chrome has had its share of patches targeting numerous vulnerabilities over the years. But it’s my own experiences as a web developer with Microsoft’s browsers that finds me dreaming of a remote island escape, just to avoid hearing about any of them. #TraumaIsReal.

With Chromium came security updates, a new developer tools, and overall web standard compliance. However the legacy of Internet Explorer, despite these improvements, I argue, it will need generations for perceptions to shift not only for developers, but users as well.

More technical details in the guard.io labs.