CVE-2024-43580

CVSS score: 5.4 (MEDIUM)

📋 TL;DR

This spoofing vulnerability in Microsoft Edge (Chromium-based) lets a malicious web page present spoofed browser UI elements, tricking users into trusting or interacting with attacker-controlled content. It affects Microsoft Edge on Windows. Exploitation requires user interaction (the victim must open attacker-controlled content) but no authentication or special privileges.

💻 Affected Systems

Products:
  • Microsoft Edge (Chromium-based)
Versions: prior to 126.0.2592.81
Operating Systems: Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022
Default Config Vulnerable: ⚠️ Yes
Notes: Only Microsoft Edge on Windows is listed as affected; other Chromium-based browsers and Edge on other platforms are not.

📦 What is this software?

Microsoft Edge is Microsoft's Chromium-based web browser and the default browser on Windows 10 and Windows 11. Because it shares its engine with Chromium, it follows Chromium's release cadence, with Microsoft layering its own features (including Enhanced Security Mode) on top.
⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers craft convincing fake login prompts or security warnings that trick users into entering credentials or approving malicious actions.

🟠 Likely Case: Phishing, where users are lured to a malicious page and then enter information into, or click through, a spoofed interface.

🟢 If Mitigated: Security-aware users who verify the URL and security indicators are less likely to fall victim. Note, however, that a UI spoofing flaw can target those very indicators, so awareness reduces exposure but only the patch removes it.

🌐 Internet-Facing: MEDIUM - Attackers can host malicious websites that exploit this vulnerability when visited.
🏢 Internal Only: LOW - Requires user to visit malicious content, which is less likely in controlled internal environments.

🎯 Exploit Status

Public PoC: ❌ No (none known at time of writing)
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (visiting malicious website) but no authentication or special privileges.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 126.0.2592.81 or later

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43580

Restart Required: Yes

Instructions:

1. Open Microsoft Edge.
2. Click Settings and more (⋯) → Help and feedback → About Microsoft Edge (or go directly to edge://settings/help).
3. Opening that page makes Edge check for and install the update automatically.
4. Restart Edge when prompted. The update is staged on disk and does not take effect until the browser restarts; until then the old build is still running.

🔧 Temporary Workarounds

Disable automatic website permissions (Windows)

  Stop sites from prompting for permissions (notifications, location, and so on) that a spoofed page could imitate: set them to Block rather than Ask.

  edge://settings/content

Use Enhanced Security Mode (Windows)

  Turn on Enhanced Security Mode (Balanced or Strict) for additional hardening of the renderer.

  edge://settings/privacy
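The two workarounds above are per-user settings that any user can flip back. As an added example (not part of this advisory or of Microsoft's documentation), the PowerShell script below enforces the same settings machine-wide through Edge's group-policy registry values and removes them again with -Rollback once the fleet is patched. The policy names EnhanceSecurityMode, DefaultNotificationsSetting and DefaultGeolocationSetting and their values are those documented in Microsoft's Edge policy reference; confirm them against the Edge version you deploy. The script must run elevated because it writes under HKLM.

```powershell
# Added example, not part of the advisory: apply the two workarounds above machine-wide
# through Edge group-policy registry values so users cannot undo them in edge://settings,
# and remove them again with -Rollback once the patched build is everywhere.
# Policy names/values are from Microsoft's Edge policy reference (confirm for your build).
# Run elevated.
param([switch]$Rollback)

$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'

$Policies = @{
    # 0 = off, 1 = Balanced, 2 = Strict. Strict applies the hardening (no JIT, stricter
    # mitigations) to every site and can break some web apps; Balanced limits it to
    # sites the user visits infrequently.
    EnhanceSecurityMode         = 2
    # Site permission prompts a spoofed page could imitate: 1 = allow, 2 = block, 3 = ask.
    # Blocking means the genuine prompt never appears, so a fake one stands out.
    DefaultNotificationsSetting = 2
    DefaultGeolocationSetting   = 2
}

if ($Rollback) {
    foreach ($name in $Policies.Keys) {
        Remove-ItemProperty -Path $PolicyKey -Name $name -ErrorAction SilentlyContinue
    }
    Write-Output "Removed workaround policies from $PolicyKey"
    return
}

if (-not (Test-Path $PolicyKey)) {
    New-Item -Path $PolicyKey -Force | Out-Null
}
foreach ($name in $Policies.Keys) {
    New-ItemProperty -Path $PolicyKey -Name $name -Value $Policies[$name] `
        -PropertyType DWord -Force | Out-Null
}

# Show what was written. Edge lists these as machine policies on edge://policy
# (use "Reload policies" there to pick them up without restarting the browser).
Get-ItemProperty -Path $PolicyKey |
    Select-Object EnhanceSecurityMode, DefaultNotificationsSetting, DefaultGeolocationSetting
```

Deploy it as a startup or configuration script, and keep the -Rollback run in the same change ticket as the patch rollout: Strict mode in particular generates support tickets if left on longer than needed.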

🧯 If You Can't Patch

  • Use alternative browser until patch can be applied
  • Implement web filtering to block known malicious sites

🔍 How to Verify

Check if Vulnerable:

Open Edge → Settings and more (⋯) → Help and feedback → About Microsoft Edge, or go directly to edge://settings/help. The page shows the installed version and triggers an update check.

Verify Fix Applied:

The version shown is 126.0.2592.81 or higher, and Edge has been restarted since the update installed (until then the old build is still running).
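For fleet-wide checks the About page does not scale, and the "Restart Required" note matters: Chromium-based browsers stage the updated launcher on disk and keep running the old build until the browser restarts. As an added example that is not part of this advisory, the PowerShell script below reads the installed build from msedge.exe, looks for a staged new_msedge.exe (assumption: Edge follows the Chromium updater's file-naming pattern), checks what running Edge processes actually loaded, and compares everything against the fixed build as a [version] rather than a string. The install paths are the default locations and are an assumption for custom installs.

```powershell
# Added example, not part of the advisory: report whether this machine's Edge Stable
# install is at or above the fixed build, and whether an update is installed but still
# waiting for a browser restart. Works from a standard or elevated PowerShell session.

function Test-EdgePatched {
    param(
        # Fixed build from this advisory. Compare as [version], never as a string:
        # '99.0.1' -gt '126.0.2592.81' is $true when compared lexically.
        [version]$Patched = [version]'126.0.2592.81'
    )

    # Default install locations for Edge Stable (assumption: adjust for custom installs).
    $candidates = @(
        "${env:ProgramFiles(x86)}\Microsoft\Edge\Application",
        "${env:ProgramFiles}\Microsoft\Edge\Application"
    )
    $appDir = $candidates |
        Where-Object { Test-Path (Join-Path $_ 'msedge.exe') } |
        Select-Object -First 1
    if (-not $appDir) {
        return [pscustomobject]@{
            Installed = $null; Staged = $null; Running = $null; Status = 'Edge not found'
        }
    }

    # Version of the launcher currently on disk.
    $installed = [version](Get-Item (Join-Path $appDir 'msedge.exe')).VersionInfo.ProductVersion

    # Windows will not let the updater overwrite a running executable, so Chromium-based
    # browsers stage the new launcher as new_msedge.exe and swap it in on the next restart
    # (assumption: Edge uses the same file name as Chromium's new_chrome.exe pattern).
    # Its presence means "patched on disk, not yet in use".
    $stagedPath = Join-Path $appDir 'new_msedge.exe'
    $staged = if (Test-Path $stagedPath) {
        [version](Get-Item $stagedPath).VersionInfo.ProductVersion
    } else { $null }

    # Versions actually loaded by running Edge processes. MainModule may be inaccessible
    # for other users' sessions; those processes are skipped.
    $running = Get-Process -Name msedge -ErrorAction SilentlyContinue |
        ForEach-Object { try { [version]$_.MainModule.FileVersionInfo.ProductVersion } catch { } } |
        Sort-Object -Unique
    $oldRunning = @($running | Where-Object { $_ -lt $Patched }).Count -gt 0

    $status = if ($installed -ge $Patched -and -not $oldRunning) {
        'Patched'
    } elseif ($installed -ge $Patched -or ($staged -and $staged -ge $Patched)) {
        'Update installed: restart Edge'
    } else {
        'Vulnerable: update Edge'
    }

    [pscustomobject]@{
        Installed = $installed
        Staged    = $staged
        Running   = ($running -join ', ')
        Status    = $status
    }
}

$result = Test-EdgePatched
$result | Format-List

# Non-zero exit code so the script can double as an Intune/ConfigMgr detection rule.
if ($result.Status -ne 'Patched') { exit 1 }
```

The three-way status is the useful part: a machine that reports "Update installed: restart Edge" shows up as compliant in an inventory that only reads the on-disk version, yet its users are still browsing with the vulnerable build.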

📡 Detection & Monitoring

Log Indicators:

  • User or help-desk reports of login prompts, security warnings or permission dialogs that appear out of context
  • Edge does not write per-site permission prompts to the Windows event log, so browser-side indicators come from people, EDR browser telemetry or proxy logs rather than from a stock Windows log source

Network Indicators:

  • Connections to known malicious or newly registered domains that could host spoofing pages
  • Credential submissions (POSTs to login forms) to domains that are not your identity provider, where a proxy or CASB records them

SIEM Query:

There is no Edge-native event for permission prompts to query. The practical substitute is a proxy or DNS-log query for first-seen domains visited by users, joined against help-desk tickets and password-reset events in the following hours.

🔗 References

  • Microsoft Security Response Center advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43580
