Microsoft Edge security advisory (AV26-206)
# Vulnerability: Microsoft Edge Stable Channel Security Updates (March 2026)
## CVE Details
*Note: The primary advisory (AV26-206) references a cumulative update addressing multiple vulnerabilities. Specific Chromium-based CVEs are detailed in the supplemental release notes.*
- **CVE ID:** CVE-2026-21535, CVE-2026-21536 (and associated Chromium vulnerabilities)
- **CVSS Score:** 8.8 (High) - *Estimated based on typical Chromium-based Remote Code Execution flaws.*
- **CWE:** CWE-416 (Use After Free), CWE-119 (Memory Corruption)
## Affected Systems
- **Products:** Microsoft Edge (Chromium-based)
- **Versions:** All versions prior to **145.0.3800.97**
- **Configurations:** Systems running the Stable Channel of Microsoft Edge on Windows, macOS, and Linux.
## Vulnerability Description
This advisory covers multiple security fixes integrated from the Chromium project. The flaws are primarily **Use After Free** and **Heap Buffer Overflow** vulnerabilities in the rendering engine (Blink) and the V8 JavaScript engine. These memory corruption issues occur when the browser incorrectly handles objects in memory, potentially allowing an attacker to execute arbitrary code within the context of the browser process.
## Exploitation
- **Status:** Not exploited in the wild (as of publication date).
- **Complexity:** Medium
- **Attack Vector:** Network (Remote) - Typically requires a user to visit a specially crafted malicious website.
## Impact
- **Confidentiality:** High
- **Integrity:** High
- **Availability:** High
- **Overall Impact:** Remote Code Execution (RCE) / Sandbox Escape potential.
## Remediation
### Patches
Microsoft has released the following update to resolve these issues:
- **Microsoft Edge Stable Channel Version: 145.0.3800.97**
### Workarounds
- No official workarounds are provided. Users are strongly advised to apply the security update immediately.
- As a general precaution, restrict browsing to trusted websites and disable unnecessary browser extensions.
## Detection
- **Indicators of Compromise:** Unusual browser crashes, unexpected outbound network traffic to unknown IPs, or unauthorized file system modifications within the user profile.
- **Detection methods:** Enterprise administrators can audit browser versions via Microsoft Endpoint Manager (Intune) or Group Policy Objects (GPO).
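
The version audit described above, sketched as an added example (not part of the advisory or any Microsoft tooling): it classifies hosts from an inventory export against the fixed build 145.0.3800.97. The CSV column names, hostnames and sample version strings are constructed assumptions; adapt them to whatever your Intune or GPO reporting actually exports.

```python
import csv
import io

FIXED_VERSION = "145.0.3800.97"  # fixed Stable Channel build named in this advisory

# Constructed inventory export; hostnames, columns and versions are sample data.
SAMPLE_INVENTORY = """hostname,os,edge_version
ws-001,Windows,145.0.3800.97
ws-002,Windows,145.0.3800.82
mac-014,macOS,144.0.3719.115
lnx-203,Linux,99.0.1150.30
ws-077,Windows,146.0.3856.12
ws-090,Windows,
kiosk-3,Windows,145.0.3800
"""


def parse_version(text):
    """Return a 4-tuple of ints, or None if text is not a full a.b.c.d version."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(version_text, fixed=FIXED_VERSION):
    """'patched', 'vulnerable' (prior to the fixed build) or 'unknown'."""
    version = parse_version(version_text or "")
    if version is None:
        # Missing or truncated data is not evidence of a patch: report it separately.
        return "unknown"
    # Tuple comparison is numeric per component; comparing the raw strings
    # would rank "99.0.1150.30" above "145.0.3800.97".
    return "patched" if version >= parse_version(fixed) else "vulnerable"


def audit(inventory_csv):
    """Map each status to the list of hostnames reported with it."""
    report = {"patched": [], "vulnerable": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        report[classify(row.get("edge_version"))].append(row["hostname"])
    return report


if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status:10} {', '.join(hosts)}")
```

Hosts in the `unknown` bucket should be followed up rather than assumed patched, since a missing or truncated version string usually means the inventory agent did not report correctly.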
## References
- **Vendor Advisory:** hxxps[://]learn[.]microsoft[.]com/en-us/DeployEdge/microsoft-edge-relnotes-security#march-6-2026
- **Cyber Centre Advisory:** hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-206