- 271/2025
- High
Microsoft has released an updated version of Microsoft Edge in the stable channel, “143.0.3650.80” to address multiple vulnerabilities.
The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, perform spoofing attacks, bypass security restrictions, obtain sensitive information, gain elevated privileges, or gain access to the affected systems.
Sample of the addressed vulnerabilities:
Microsoft Edge (Chromium-based) Out of bounds Memory Access in ANGLE Vulnerability (CVE-2025-14174):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
It should be highlighted that Google is aware that the zero-day vulnerability “CVE- 2025-14174” is being exploited in the wild.
Vulnerabilities
- CVE-2025-62223
- CVE-2025-13630
- CVE-2025-13631
- CVE-2025-13632
- CVE-2025-13633
- CVE-2025-14373
- CVE-2025-13634
- CVE-2025-13635
- CVE-2025-13636
- CVE-2025-13637
- CVE-2025-13638
- CVE-2025-14372
- CVE-2025-13639
- CVE-2025-13640
- CVE-2025-13720
- CVE-2025-13721
- CVE-2025-14174
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.