Edge browser suffers security flaw which Microsoft failed to fix on time

News
By published

Firm seems to be living on the edge when it comes to patching

Microsoft Edge

Google has found a vulnerability in Windows 10’s Edge browser, and the bad news is that this security bug has been disclosed to all and sundry before Microsoft could patch it.

The vulnerability can be used to sidestep Microsoft’s Arbitrary Code Guard (ACG) protection, leveraging a flaw in the browser’s JIT (Just-in-Time) compiler.

It’s classified as a ‘medium’ severity flaw, so while not up there with the critical bugs, it’s definitely a hole which needs to be patched – and as noted, that sadly hasn’t happened.

Google gave Microsoft the standard 90 days to fix the problem, and then an additional two weeks’ worth of time when the issue was found to be a more troublesome gremlin to remedy than first thought.

Unfortunately, even that fortnight extension wasn’t enough, so the vulnerability is now public knowledge and unpatched.

As Neowin reports, Microsoft is apparently confident that it will have the fix in line for the next big patch day on March 13. Of course, that’s still just over three weeks away.

Security perceptions

And this delay really doesn’t look good for Microsoft, considering that the firm has had something of an uphill battle on the security front with Edge. By that, we mean the software giant has often talked-up the browser in terms of security, when the reality of this has sometimes fallen short, as we saw when Edge was found to be the least secure browser at Pwn2Own last year.

This certainly looks like a security slip, and won’t help Microsoft’s overall image in that respect. All that said, it’s clear that socks are being pulled up on the Edge team – for example, where phishing is concerned, Edge was rated the top browser in defending against that particular online evil in one report last October.

So things seem a little up-and-down for Edge security these days, but if Microsoft wants to convince more folks to start using Windows 10’s browser, it needs to be taking a lot more steps forwards than backwards – on the security front, and elsewhere for that matter.

See more Computing News
Darren Allan

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).

Latest in Browsers
Woman using a Windows computer with Microsoft Edge
Don’t panic – Microsoft’s Edge browser isn’t about to subject you to a flood of unblocked adverts (not yet, anyway)
Google Chrome browser icon
A new split-screen feature is coming to Google Chrome, and it's surprisingly powerful
The Microsoft Edge logo on a black background displayed on a laptop screen.
Microsoft just gave Edge a great new feature to ensure the browser doesn’t slow down the PC, and it’s tempting me to switch from Google Chrome
Google Chrome with Christmas theme in Windows 11
I've used Edge, Firefox, and Opera, and yet after ten years in tech journalism, I still come back to Chrome
Woman using a Windows computer with Microsoft Edge
Microsoft gets rid of ‘Edge uninstall’ advice page after facing criticism over it having nothing to do with removing the app, and just promoting the browser instead
Microsoft Edge
Sorry, you're not getting Microsoft Edge off of your PC, at least according to its new 'uninstall' document
Latest in News
Ray-Ban Meta Smart Glasses
Samsung's rumored smart specs may be launching before the end of 2025
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 24 (game #1155)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 24 (game #386)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 24 (game #652)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)
More about browsers
Woman using a Windows computer with Microsoft Edge

Don’t panic – Microsoft’s Edge browser isn’t about to subject you to a flood of unblocked adverts (not yet, anyway)
Google Chrome browser icon

A new split-screen feature is coming to Google Chrome, and it's surprisingly powerful
BenQ PD2730S

I wanted an Apple Studio Display - until I reviewed the BenQ PD2730S
See more latest
Most Popular
ClinkCaim laptop
Laptop prototype with detachable AI webcam (but without a normal touchpad) wins award at the 'Oscars' of the design industry
Compal Infinite Laptop
This laptop has a horizontal rollable display that extends to 18 inches, and I can't wait to try it
Silicon Motion MonTian 128TB SSD
More 128TB SSDs on the way, but they won't be cheaper: Key maker of NAND flash controllers says 128TB SSDs are shipping
Toshiba HDD Innovation Lab
How to make hard drives faster? Simple, just bunch dozens of them together, Toshiba says
Asus Ascent GX10
Asus debuts its own mini AI supercomputer: Ascent GX10 costs $2999 and comes with Nvidia's GB10 Grace Blackwell Superchip
Ray-Ban Meta Smart Glasses
Samsung's rumored smart specs may be launching before the end of 2025
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 24 (game #1155)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 24 (game #652)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 24 (game #386)
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models