Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions
March 27, 2024 at 09:09AM A security flaw in Microsoft Edge browser, CVE-2024-21388, allowed attackers to covertly install browser extensions with broad permissions via a private API, impacting version 121.0.2277.83. The bug enabled installation of malicious extensions without user consent, posing a privilege escalation threat, emphasizing the need for balancing user convenience and security. Key … Read more