| VID |
50361 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Microsoft Edge installed on the remote Windows host is prior to 95.0.1020.40. It is, therefore, affected by multiple vulnerabilities as referenced in the October 29, 2021 advisory.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these conditions will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-29-2021
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37997
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37998
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37999
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38000
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38001
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38002
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38003
* Platforms Affected:
Microsoft Edge versions prior to 95.0.1020.40
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Microsoft Edge at (95.0.1020.40 or later), as described in the Microsoft Security bulletin at
https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-29-2021 |
| Related URL |
CVE-2021-37997,CVE-2021-37998,CVE-2021-37999,CVE-2021-38000,CVE-2021-38001,CVE-2021-38002,CVE-2021-38003 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
