After Google in Chrome, Microsoft is now also closing the zero-day vulnerability CVE-2024-7971 in Edge via an Edge emergency update.
A few days ago, Google released Chrome 128 that included new features as well as patches for a total of 38 vulnerabilities. One of them has already been actively exploited. Now Microsoft is also releasing an update for its Chromium-based browser Edge that eliminates the risky vulnerability CVE-2024-7971 and fixes five other security vulnerabilities. Microsoft initially offered the update for Edge for Windows (version 128.0.2739.42), and a little later also for MacOS and Linux.
On some PCs the Edge update did not occur automatically and was not available via Windows Update. Instead, the affected users had to update manually directly in the browser, via the menu option Help and Feedback/Info about Microsoft Edge. It is recommended to install the patched version as quickly as possible, since cyber criminals are already abusing the riskiest vulnerability.