Google discloses security flaw in Microsoft Edge browser
Microsoft hasn’t rolled out a fix for the security flaw as yet.Updated: Feb 20, 2018 13:16 IST
Google and Microsoft’s cat and mouse game continues. The search giant has identified and made public the details of a security flaw on Microsoft Edge browser. Microsoft hasn’t released a patch for this medium-level security flaw as yet.
The vulnerability was first discovered by Google’s Project Zero in November 2017. Google’s Project Zero team searches and reports on finding security flaws prevailing in the products of other companies.
According to an Engadget report, taking advantage of the flaw, hackers could bypass Microsoft Edge’s existing security measures to inject malicious code into a victim’s computer.
Google, through its Project Zero, notified Microsoft about a bug in November, giving the company the usual 90-day disclosure deadline, reports Neowin.
With the three-month deadline over, the team of security analysts employed by Google tasked with finding zero-day vulnerabilities went public with the details of the security flaw.
The search giant granted a 14-day extension to Microsoft after it said that the problem was complex and it needed more time to fix it.
But, Microsoft even missed the second deadline to produce the patch of the vulnerability. However, given Edge’s small market share, the security issue was unlikely to affect too many people though it is still embarrassing for the company.
First Published: Feb 20, 2018 13:16 IST